HL Chronicle of Data Protection

OCTOBER 8, 2018

As a starting point, determine whether the company qualifies as a business under the CCPA’s definition or if it may be subject to the CCPA by its relationships with for-profit businesses. Instead, the CCPA expressly exempts PHI collected by a Covered Entity or Business Associate that is governed by HIPAA. Non-profit Exemption.

Privacy 40

Privacy Healthcare Sales Insurance 40

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. The CCPA’s definition of “consumer” is equally broad. This definition therefore not only encompasses a “consumer” in the traditional sense (i.e.,

Privacy 58

Privacy Sales Education Compliance 58

Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017.

Insurance 91

Insurance Government Cybersecurity Risk 91

HL Chronicle of Data Protection

JUNE 13, 2019

On May 28, 2019, the Cyberspace Administration of China (“ CAC “) released the draft Measures on the Administration of Data Security (“ Data Security Measures ” see our in-house English translation here ) for public consultation. The scope of application of the Data Security Measures.

Personal data 40

Personal data IT Data collection Compliance 40

IT Governance

MARCH 11, 2024

Only 3 definitely haven’t had data breached. Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. 92 of them are known to have had data exfiltrated, exposed or otherwise breached. Organisation(s) Sector Location Data breached?

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 23, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight More than 70 million email addresses added to Have I Been Pwned The security researcher Troy Hunt has added more than 70 million email addresses from the Naz.API data set to his Have I Been Pwned data breach notification service. Only 1 definitely hasn’t had data breached.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

MARCH 5, 2024

Only 5 definitely haven’t had data breached. Source (New) Engineering Japan Yes >5 TB Array Networks Source (New) Cyber security USA Yes 2.5 It also has a new focus on governance, which encompasses how organizations make and carry out informed decisions on cybersecurity strategy”. NIST CSF 2.0 of the Standard.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Matters

SEPTEMBER 3, 2020

The current draft of the FAQ document addresses topics such as general background, the intersection of state insurance regulation and federal securities law regulation, how to satisfy the best interest standard of conduct, and insurer supervision and training requirements. 43R—Loan-Backed and Structured Securities.

Insurance 68

Insurance Paper Artificial Intelligence Big data 68

IT Governance

JANUARY 3, 2024

billion records The security researcher Jeremiah Fowler discovered an unprotected database exposing more than 1.5 Fowler contacted the company, which secured the database. The security researcher Bob Diachenko identified the leak in September and contacted TuneFab, which fixed the misconfiguration within 24 hours.

Data Privacy 107

Data Privacy Insurance Manufacturing Retail 107

Data Matters

DECEMBER 28, 2020

The GCC uses a risk-based capital (RBC) aggregation approach intended to act as an additional group supervisory tool for regulators, in conjunction with the Form F Enterprise Risk Report, Own Risk and Solvency Assessment (ORSA) report, and the Corporate Governance Annual Disclosure. 43R —Loan-Backed and Structured Securities.

Insurance 68

Insurance Paper Risk Analytics 68

ForAllSecure

APRIL 26, 2022

So there’s a need, a definite need, for information security professionals to have access to industrial control systems -- not virtual, but actual hands on systems -- so they can learn. In a moment I’ll introduce you to someone who is trying to do that--bring ICS equipment to security conferences.

Energy and Utilities 52

Energy and Utilities Manufacturing Risk IT 52

Positively RIM

MAY 5, 2015

The following article appears -- in slightly different form -- as the lead contribution to a larger work on Information Governance published online by the International Legal Technology Association. Find it at [link] Written with assistance from Ronke' Ekwensi The whole is more than the sum of its parts: That’s Information Governance.

IT 40

IT Information governance Government Communications 40

ForAllSecure

NOVEMBER 18, 2021

I’m just not convinced that a fingerprint or an image of my face is secure enough. In security we traditionally define the different factors of authentication as something you know, so that could be the username and password, or an answer to a security question. I'm a cyber security professional, I guess.

Authentication 52

Authentication Passwords Artificial Intelligence IT 52

erwin

MARCH 28, 2019

The visualization process can aid in an organization’s ability to understand the security risks associated with a particular process. This also extends to industry-specific other compliance mandates such as those in healthcare, pharmaceutical and the financial services industries.

Digital transformation 71

Digital transformation Healthcare Compliance Financial Services 71