Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance 78

Insurance Paper Privacy Risk 78

Data Protection Report

OCTOBER 3, 2021

The amendment: Expands the definition of “personal information”; Shortens the notification deadline after discovery of a breach from 90 to 60 days; Removes the requirement to consult with law enforcement as part of a risk assessment; Deems compliant any person subject to and in compliance with HIPAA and HITECH; and.

Data breaches 142

Data breaches IT Insurance Passwords 142

Collibra

MARCH 11, 2021

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. Focus on the operating model.

Government 59

Government Communications Insurance Customer Experience 59

Collibra

APRIL 11, 2022

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. What are data governance best practices?

Government 52

Government Communications Insurance Customer Experience 52

IT Governance

APRIL 3, 2019

US food giant Mondelez is suing insurance company Zurich American for denying a $100 million (£76 million) claim filed after the NotPetya attack. The UK government and the CIA blame the attack on Russian state-sponsored hackers, claiming it was the latest act in an ongoing feud between Russia and Ukraine. Was NotPetya an act of war?

Insurance 53

Insurance Ransomware Government Paper 53

Collibra

DECEMBER 1, 2020

However, once you have a system of record in place for your data, your organization can implement many valuable data governance use cases more easily. . In this post, we’ll highlight the top three most valuable data governance use cases. Each one depends on a data governance and stewardship function already being in place.

Government 59

Government Analytics Marketing Unstructured data 59

Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The 9/11 attacks cost insurers and reinsurers $47 billion. 11, 2001, terrorist attacks.

Insurance 93

Insurance Government Cybersecurity Risk 93

eSecurity Planet

AUGUST 9, 2022

See the Top Governance, Risk and Compliance (GRC) Tools. are subject to laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), as well as regulations such as the Clinical Laboratory Improvements Amendments (CLIA).

Data Privacy 142

Data Privacy Compliance Privacy Security 142

Data Protection Report

FEBRUARY 23, 2023

In this post, we will describe some of the risks introduced by personal information collection, and some of the legal obligations of vehicle manufacturers in protecting their customers’ privacy. The meaning of “high-impact” is still not clear and it is anticipated that the definition of “high-impact” will be provided in further regulation.

Privacy 85

Privacy Manufacturing Artificial Intelligence Data collection 85

IT Governance

MAY 7, 2024

This week, it turns out at least 191 further Australian organisations, including government entities, were affected by this breach, highlighting the risks of supply chain attacks. None definitely haven’t had data breached. Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com Data breached: 395 GB.

Data breaches 59

Data breaches Education Manufacturing Retail 59

eSecurity Planet

DECEMBER 7, 2023

For example, The Health Insurance Portability and Accountability Act (HIPAA) requires security features such as encryption to protect patients’ health information. In each of these cases, the cracked encryption can lead to leaked data, but the nature of the risk remains distinct.

Encryption 101

Encryption IT Passwords IoT 101

Hunton Privacy

MAY 10, 2022

The CTDPA exempts certain entities, including, for example, state and local government entities, nonprofits, higher education institutions, financial institutions subject to the Gramm-Leach-Bliley Act (“GLB”), and qualifying covered entities and business associates subject to the Health Insurance Portability and Accountability Act (“HIPAA”).

Privacy 118

Privacy Personal data Sales B2B 118

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. GCC using a risk-based capital aggregation methodology. sector; and.

Insurance 68

Insurance Paper Risk Big data 68

eSecurity Planet

FEBRUARY 14, 2023

Growth has definitely been robust. First of all, cybersecurity is becoming a “must have” for businesses and governments. The growing number of data privacy regulations has raised the potential consequences of cybersecurity breaches, spurring demand for GRC (governance, risk, and compliance) software.

Compliance 100

Compliance Security Cybersecurity Marketing 100

Data Matters

AUGUST 24, 2018

The National Association of Insurance Commissioners (NAIC) held its Summer 2018 National Meeting in Boston, Massachusetts, from August 4 to 7, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data . The NAIC is also considering insurers’ use of big data in underwriting life insurance products.

Insurance 60

Insurance Big data e-Delivery Risk 60

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. NAIC Evaluating Definition of “Best Interest” to Determine Whether to Impose Such a Standard in the Suitability in Annuity Transactions Model Regulation.

Insurance 68

Insurance Paper Risk Analytics 68

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. NAIC Considers Comments to the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act . GCC Template and Instructions.

Insurance 68

Insurance Paper Artificial Intelligence Big data 68

erwin

MARCH 30, 2020

Managing and Governing Data From Lots of Disparate Sources. This data will be collected from organizations such as, the World Health Organization (WHO), the Centers for Disease Control (CDC), and state and local governments across the globe. These numerous data types and data sources most definitely weren’t designed to work together.

Metadata 122

Metadata IT Healthcare Government 122

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data 100

Personal data GDPR Privacy Records Management 100

IT Governance

JANUARY 9, 2024

million people was compromised, including names, addresses, dates of birth, Social Security numbers, taxpayer identification numbers, medical information, health insurance information, and billing and claims information. Only 1 definitely hasn’t had data breached. Information relating to nearly 4.5 Data breached: 4,452,782 records.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Krebs on Security

JULY 27, 2020

. “The ferocity of cyber criminals to take advantage of COVID-19 uncertainties by preying on small businesses is disturbing,” said Andrew LaMarca , who leads the global high-risk and fraud team at Dun & Bradstreet. For the past several months, Milwaukee, Wisc. ” PHANTOM OFFICES. . ” RECYCLING VICTIMS. .

Energy and Utilities 356

Energy and Utilities Computer and Electronics Insurance Risk 356

Data Protection Report

AUGUST 16, 2017

On the 7 th August 2017, the UK’s Government Department for Digital, Culture, Media and Sport issued a Statement of Intent (the Statement ) outlining its planned reforms of the UK’s data protection laws which are to be implemented by the Data Protection Bill (the Bill ).

Government 40

Government GDPR Personal data Insurance 40

IT Governance

APRIL 23, 2019

The information comprised names, addresses, gender, dates of birth, phone numbers, National Insurance numbers, bank details and salaries. That obviously won’t come into play here as the leak occurred before the GDPR took effect, but a definitive ruling one way or the other will determine whether we will see more class actions in the future.

Data breaches 82

Data breaches Insurance GDPR Compliance 82

Hunton Privacy

APRIL 3, 2018

Covered entity” is defined as “a person, sole proprietorship, partnership, government entity, corporation, nonprofit, trust, estate, cooperative association or other business entity that acquires or uses sensitive personally identifying information.”

Data breaches 72

Data breaches Encryption Insurance Risk 72

DLA Piper Privacy Matters

DECEMBER 3, 2021

The requirements regarding keeping data secure, and new data breach obligations, will definitely up the ante for businesses in the UAE to take cyber security seriously. Definitions. Fortunately the definitions of personal data, processing, data subject, data controller and data processor, have been kept relatively generic.

Personal data 105

Personal data Data breaches GDPR Compliance 105

Data Protection Report

APRIL 24, 2019

2 of 2019 Concerning the Use of Information and Communication Technology in the Area of Health (the Healthcare Data Law ), which governs the use of health data and information generated in the UAE. In March of this year, the UAE issued Law No. The law takes effect three months after issuance. Health Data and Information inside the UAE.

Insurance 40

Insurance Communications Access Government 40

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. Only 2 definitely haven’t had data breached. 184 of them are known to have had data exfiltrated, exposed or otherwise breached.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

Data Protection Report

MAY 17, 2019

Excludes “employees” from definition of “consumer”. Expands definition of “de-identified” data, removes “household” from “personal information”. Expands definition of “de-identified” data, removes “household” from “personal information”. Redefines “personal information” to exclude information from government records.

Retail 40

Retail Privacy Insurance Manufacturing 40

DLA Piper Privacy Matters

APRIL 23, 2020

The law also includes a first-in-the-nation definition of “decisions that produce legal effects concerning individuals or other similarly significant effects concerning individuals.” Effective date, scope of application, key definitions. It applies to all state and local government agencies except for the department of licensing.

Privacy 52

Privacy Government Insurance IT 52

Data Matters

AUGUST 5, 2019

The law broadens the definition of “private information” which sets forth the information elements that, if breached, could trigger a notification obligation. The Stop Hacks and Improve Electronic Data Security Act. 6) adjusts the security program in light of business changes or new circumstances; and. (ii)

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Data Protection Report

JUNE 6, 2019

Although the concept of providing consumers certain privacy rights is similar, the law has some significant differences from the CCPA, including the definition of “sale”. Excludes “employees” from definition of “consumer”. Expands definition of “de-identified” data, narrows definition of “personal information”.

Sales 40

Sales Privacy Insurance Manufacturing 40

IT Governance

APRIL 17, 2019

But as the saying goes, nothing worth having comes easy, and ISO 27001 is definitely worth having. The team will use their project mandate to create a more detailed outline of their information security objectives, plan and risk register. Risk management. Risk management is at the heart of an ISMS. Identify risks.

Risk 75

Risk Information Security Compliance Security 75

HL Chronicle of Data Protection

MARCH 14, 2019

The CISO would be required to report in writing, at least annually, to the FI’s board of directors or equivalent governing body, or, if none exists, a senior officer responsible for the WISP regarding the overall status of the WISP and material matters related to the WISP. Periodic risk assessments. Service provider oversight.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

DLA Piper Privacy Matters

AUGUST 23, 2021

We have summarised the key compliance obligations under the PIPL below, with new obligations in bold for ease of reference: Relevant Laws/Regulations The PIPL becomes the primary, national-level law governing processing of personal information, but does not replace the existing data privacy framework.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

eSecurity Planet

SEPTEMBER 10, 2021

For ransomware attacks where network data gets encrypted , backups are the definitive method for restoring network infrastructure. Successful ransomware attacks additionally constitute a data breach that can push organizations into violating their governance, risk, and compliance (GRC) obligations. million within the last year.

Ransomware 108

Ransomware Encryption Cybersecurity Access 108

Data Matters

MAY 6, 2022

Digital health companies should take note of new data privacy and security developments under the Health Insurance Portability and Accountability Act (HIPAA) that can affect product planning and customer negotiations. What is Digital Health? Comments must be submitted by June 6, 2022. Cybersecurity Industry Newsletter.

Risk 88

Risk Cybersecurity Insurance Authentication 88

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. VAMOSI: Cybersecurity insurance. cyber insurance as a whole was changing heavily. And why is that?

Insurance 40

Insurance Privacy Ransomware GDPR 40