Examples, Exercises, Insurance and Privacy - Information Management Today

New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting

Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. Unlawful Discrimination.

Insurance

Insurance Financial Services Compliance Retail

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Another example is the inclusion of remediation details for old vulnerabilities (including some dating back to 2018) and CISA stating that the Russian state-sponsored advanced persistent threat (“APT”) actors have used these “common but effective” vulnerabilities for attacks. The post U.S.

Cybersecurity

Cybersecurity Financial Services Authentication Government

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Time and tide waits for no man – IoT in Insurance

CGI

MAY 27, 2016

Time and tide waits for no man – IoT in Insurance. This old saying could also be applied for what is happening in the insurance market with IoT and that given the drive behind IoT in both the consumer and business markets. For example, car insurance could be varied between theft and fully comprehensive when the Car is not being used.

Insurance

Insurance IoT Marketing Manufacturing

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Understanding HIPAA: A Guide to Avoiding Common Violations

Armstrong Archives

AUGUST 25, 2023

The Health Insurance Portability and Accountability Act (HIPAA) ensures individuals’ health data protection and privacy. This includes insurance companies, nurses, and doctors. It’s all about creating the perfect balance between optimal medical services while upholding patient privacy.

Computer and Electronics

Computer and Electronics Insurance Compliance Risk

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

International businesses with global privacy compliance programs should seek to expand those to cover the UAE and achieve some synergies. For example, consents must be clear, simple, unambiguous and in an easily accessible form, whether in writing or electronically. The form and use of consents should be considered carefully.

Personal data

Personal data Data breaches GDPR Compliance

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

The Last Watchdog

MAY 10, 2021

Back in the mid-1990s, big banks and insurance companies came up with something called “bespoke assessments” as the approach for assessing third party vendor risk. So much time and energy was put into the administrative exercise of just requesting data and responding to questionnaires,” Kneip says. “By Visibility boost.

Risk

Risk Insurance Access Security

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

This is the 11th post in a series on privacy by Andrew Pery. Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. Privacy by Design: The Intersection of Law and Technology. Three Critical Steps for GDPR Compliance.

GDPR

GDPR Compliance Privacy Data Privacy

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

Data Matters

OCTOBER 24, 2019

Today we look at verification, children’s privacy and the non-discrimination provisions. In the summer of 2018, the California Legislature drafted and passed the California Consumer Privacy Act (CCPA) in record time. DETAILED ANALYSIS ON VERIFICATION, CHILDREN’S PRIVACY AND NON-DISCRIMINATION. INTRO AND BACKGROUND.

Privacy

Privacy Sales Authentication Passwords

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

For example, we might nominate: The IT security manager to handle a ransomware incident; Our external accountant to investigate financial fraud; or. Be in-line with insurance policies. For example, assign the cloud team to initially respond to incidents involving cloud assets with the cybersecurity team providing backup resources.

Insurance

Insurance Ransomware Data breaches Cloud

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

While the world seems to have ground to a halt in so many ways, time still marches on, and along with it, the California Consumer Privacy Act (“CCPA”) enforcement date (July 1, 2020) inches ever closer. Restoration of privacy policy disclosures (§ 999.308). Guidance on user-enabled global privacy controls (§ 999.315).

Privacy

Privacy Sales Insurance Compliance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. The International Association of Privacy Professionals estimates at least 500,000 U.S. The ballot initiative largely mirrored what is now the language in the CCPA.

Privacy

Privacy Sales Compliance Cybersecurity

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. NAIC Considers Comments to the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act . GCC Template and Instructions.

Insurance

Insurance Paper Artificial Intelligence Big data

Spain’s New Data Protection Act Now in Force

Data Matters

JANUARY 3, 2019

These include, for example, insurers, investment service companies and providers of information society services. Digital Rights: the LOPDGDD introduces a number of new digital rights for individuals which go beyond those provided in the GDPR e.g., the right to privacy and use of digital devices in the workplace.

GDPR

GDPR Personal data Privacy Insurance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. The International Association of Privacy Professionals estimates at least 500,000 U.S. The ballot initiative largely mirrored what is now the language in the CCPA.

Privacy

Privacy Sales Education Compliance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies. Some, but not all, health and life science entities are exempt from the CCPA.

Privacy

Privacy Healthcare Sales Insurance

Regulatory Update: NAIC Fall 2018 National Meeting

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. For example, the Template allows for: (a) multiple grouping options (e.g.,

Insurance

Insurance Paper Risk Big data

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

Certain sectors, such as banking, financial services, health, and insurance have their own data protection and privacy requirements. A data subject request is an action by an individual to exercise that right, and the organization has an obligation to respond to that request 10 11. 4 Consumer Protection Privacy Act.

Personal data

Personal data GDPR Privacy Records Management

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies. Some, but not all, health and life science entities are exempt from the CCPA.

Privacy

Privacy Healthcare Sales Insurance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies. Some, but not all, health and life science entities are exempt from the CCPA.

Privacy

Privacy Healthcare Sales Insurance

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

For example, an unlawful transfer of personal data outside of KSA can result in a criminal conviction and imprisonment. The PDPL is a law that applies on a national level and so, unlike other KSA sector specific laws dealing with privacy laws to date, the PDPL will apply to all sectors (with certain possible exceptions, discussed below).

Personal data

Personal data Compliance Computer and Electronics IoT

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

OCTOBER 22, 2019

In the summer of 2018, the California Legislature drafted and passed the California Consumer Privacy Act (CCPA) in record time. Businesses, consumer advocates, and privacy watchers thus have been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate.

Privacy

Privacy Sales Paper Compliance

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

Today, more than 120 countries have privacy and data protection laws or regulations in place. This comprehensive data privacy law wave has already reached parts of Latin America and the Caribbean. Data privacy officer. The BDPA was passed by the BDPA on July 24, 2019 and now awaits the Governor-General’s signature.

Personal data

Personal data GDPR Data Privacy Privacy

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

We have shared below some interesting points that we’ve seen arising recently, all of which relate to how things are likely to develop from today onwards, including enforcement predictions, challenges related to operationalizing data subject access procedures, and how the GDPR may change the data privacy litigation landscape in Europe.

GDPR

GDPR Personal data Compliance Data breaches

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

DLA Piper Privacy Matters

NOVEMBER 19, 2018

In the continuity of this accompaniment, the CNIL published on November 6th 2018 its DPIA guidelines supplementing the G29 Working Party’s opinion on DPIA along with its DPIA list which gives concrete examples of data processing operations likely to result in a high risk. in the automotive insurance sector); Monitoring.

Data Privacy

Data Privacy IT GDPR Privacy

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

At present, these include data users in the communications, banking and finance, insurance, health care, tourism and hospitality, transportation, education, direct sales, services, real estate and utilities sectors. Data users in these categories will have three months from November 15 to register.

Personal data

Personal data Marketing Communications Insurance

Preparing for GDPR – Is the Way You Process Information Compliant with Data Protection Laws?

Managing Your Information

MAY 30, 2017

The legal basis for processing must be provided in privacy notices and responses to SARs. However, under GDPR you must also provide the legal basis to people in privacy notices and included in responses to a Subject Access Requests (SARs). Any Processing of Personal Data Must Comply with Data Protection Laws.

GDPR

GDPR Compliance Personal data Access

Preparing for GDPR – Is the Way You Process Information Compliant with Data Protection Laws?

Managing Your Information

MAY 30, 2017

The legal basis for processing must be provided in privacy notices and responses to SARs. However, under GDPR you must also provide the legal basis to people in privacy notices and included in responses to a Subject Access Requests (SARs). Any Processing of Personal Data Must Comply with Data Protection Laws.

GDPR

GDPR Compliance Personal data Access

Regulatory Update: NAIC Spring 2019 National Meeting

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. ceding insurer could be eligible for the same reduced collateral requirements that would apply to qualifying EU reinsurers under the revised CFR Model Laws.

Insurance

Insurance Blockchain Big data Risk

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Noble Lords will be familiar with the role of the Information Commissioner, whose role is to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. I think we can all say “Hear, hear” to that.

GDPR

GDPR Personal data Government IT

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

Data Matters

OCTOBER 23, 2019

In the summer of 2018, the California Legislature drafted and passed the California Consumer Privacy Act (CCPA) in record time. Businesses, consumer advocates, and privacy watchers have thus been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate.

Sales

Sales Privacy Passwords Compliance

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

On October 10, 2019, with just weeks to go until the law goes into effect, the California Attorney General released the long-awaited draft regulations for the California Consumer Privacy Act (CCPA). For example, “Household” is defined as “a person or group of people occupying a single dwelling” (999.301(h)). The rules are not final.

Sales

Sales Retail Privacy Access

The Orion blockchain database: Empowering multi-party data governance

IBM Big Data Hub

AUGUST 7, 2023

For example, organizations typically rely on trust in the cloud provider, expecting them to refrain from intentionally blocking client access to services, despite having the capability to do so. Moreover, key-level access control mechanisms guarantee data privacy between the involved parties.

Blockchain

Blockchain Government Authentication Manufacturing

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

Data Matters

MARCH 9, 2021

the COVID-19 pandemic; (ii) there is currently no centralized body (in any Member State), which could give access to data in all the various source databases (electronic health records, industry data, health insurers data, etc.) Data subjects’ rights (chapter 6). The Assessment flags that the current practical barriers for data subjects (e.g.,

GDPR

GDPR e-Delivery Government Access

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Examples of services security include: AD security : Adds layers of security to Active Directory to eliminate unneeded access or permission levels, detect unauthorized changes, and block other attacks on AD. For example, EDR might replace antivirus and SASE might replace non-integrated firewalls, CASB, and more. behind the proxy.

Security

Security Cloud Cybersecurity Risk

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

For example, here’s Jerry Lewis in a scene from a 1950s film, where he’s trying to break into a Nazi German military base. When we travel, for example, to a different country, we have this thing called a passport, you know, this physical thing that we hold in our hands. Lewis: Good. Other: Wait. I must have the password.

Passwords

Passwords Authentication Access Data breaches

#ModernDataMasters: Bob More, SVP Global Field Operations

Reltio

JULY 10, 2019

I’ve seen it most successful when it’s taken in the context of a larger overall initiative, for example a digital transformation or implementation of a new system or process. The solely IT-driven ones are more likely to be a plumbing exercise – more about pulling data together and feeding it somewhere else.

MDM

MDM Sales Digital transformation Cloud

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

Data Matters

JUNE 26, 2018

On June 25, 2018, California Secretary of State Alex Padilla announced that a potentially significant privacy initiative is eligible for the Nov. If passed, the ballot initiative — the California Consumer Privacy Act (CCPA) — would immediately make sweeping changes to California’s privacy laws. 6 general election ballot.

Privacy

Privacy GDPR Sales Data breaches

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

For over two and a half years, California has enjoyed the spotlight of having the most comprehensive data privacy law in the United States. The VCDPA, which will not enter into effect until January 1, 2023, borrows heavily from the California Consumer Privacy Act (CCPA) and the European Union (EU) General Data Protection Regulation (GDPR).

Personal data

Personal data GDPR Sales Privacy

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Troy Hunt

MARCH 2, 2020

These were companies spanning all sorts of different industries; big tech, general infosec, antivirus, hosting, finance, e-commerce, cyber insurance - I could go on. I hate to be vague (I'm usually super transparent on these things), but I'd also hate to disrespect the privacy of this organisation or land myself in hot water legally.

IT

IT Mining Sales Data breaches

A new era for customer data – could security be ‘the new green’ for businesses?

Thales Cloud Protection & Licensing

OCTOBER 10, 2018

Think TV licenses and car insurance, for example. In fact, Gartner recently predicted that by 2021, organisations that protect their customers’ privacy will generate 20 per cent more revenue than those who don’t. However, the narrative is set to change.

GDPR

GDPR Security Marketing Data breaches

New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Webinars

Trending Sources

California Enacts Broad Privacy Laws Modeled on GDPR

Webinars

Time and tide waits for no man – IoT in Insurance

California Enacts Broad Privacy Protections Modeled on GDPR

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Understanding HIPAA: A Guide to Avoiding Common Violations

UAE: Federal level data protection law enacted

RSAC insights: CyberGRX finds a ton of value in wider sharing of third-party risk assessments

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

How to Develop an Incident Response Plan

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Regulatory Update: NAIC Summer 2020 National Meeting

Spain’s New Data Protection Act Now in Force

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

Regulatory Update: NAIC Fall 2018 National Meeting

The Impact of Data Protection Laws on Your Records Retention Schedule

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

Saudi Arabia’s New Data Protection Law – What you need to know

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

GDPR is upon us: are you ready for what comes next?

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

Malaysian Data Protection Law Takes Effect

Preparing for GDPR – Is the Way You Process Information Compliant with Data Protection Laws?

Preparing for GDPR – Is the Way You Process Information Compliant with Data Protection Laws?

Regulatory Update: NAIC Spring 2019 National Meeting

The debate on the Data Protection Bill in the House of Lords

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

Mic Drop: California AG releases long-awaited CCPA Rulemaking

The Orion blockchain database: Empowering multi-party data governance

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

Network Security Architecture: Best Practices & Tools

The Hacker Mind Podcast: Going Passwordless

#ModernDataMasters: Bob More, SVP Global Field Operations

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Project Svalbard, Have I Been Pwned and its Ongoing Independence

A new era for customer data – could security be ‘the new green’ for businesses?

Stay Connected