Examples, Financial Services and Privacy - Information Management Today

Top financial services trends of 2024

IBM Big Data Hub

JANUARY 16, 2024

The start of 2024 brings forth many questions as to what we can expect in the year ahead, especially in the financial services industry, where technological advances have skyrocketed and added complexities to an already turbulent landscape. One example of this is in insurance.

Financial Services

Financial Services Customer Experience Cloud Digital transformation

Big California Privacy News: Legislative and Enforcement Updates

Data Matters

SEPTEMBER 6, 2022

Privacy never sleeps in California. In recent days and as California’s legislative session comes to a close, there have been a number of significant legislative and regulatory developments in the state, each of which will likely (again) change the privacy landscape in California and, by extension, the rest of the country.

Privacy

Privacy B2B Sales Compliance

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. GDPR-style data privacy laws came to the U.S. with the California Consumer Privacy Act (CCPA) effective Jan.

Data Privacy

Data Privacy Compliance Privacy Security

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Summary – “Industry in One: Financial Services”

ARMA International

NOVEMBER 7, 2019

The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny.

Financial Services

Financial Services Communications Compliance Risk

New York State Department of Financial Services Challenges OCC Authority on Fintech Charters

Data Matters

SEPTEMBER 20, 2018

Office of the Comptroller of the Currency (OCC) announced its decision (the Fintech Charter Decision) to begin accepting applications from financial technology (fintech) companies for special purpose national bank charters. The Fintech Charter Decision is discussed in greater detail in a prior Sidley Banking and Financial Services Update.

Financial Services

Financial Services Paper Marketing Privacy

IBM Cloud delivers enterprise sovereign cloud capabilities

IBM Big Data Hub

FEBRUARY 22, 2024

We strongly believe the influx of data associated with AI will fuel tremendous business innovations, but requires strategic considerations, including around where data resides, data privacy, resilience, operational controls, regulatory requirements and compliance, and certifications.

Cloud

Cloud Computer and Electronics Compliance Financial Services

The aftermath of an incident – business considerations surrounding record-keeping

Data Protection Report

AUGUST 2, 2022

In our previous publication , we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries.

Compliance

Compliance Privacy Risk Financial Services

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. See 45 CFR 164.306(e): Maintenance.

Cybersecurity

Cybersecurity Privacy Insurance Risk

New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting

Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance.

Insurance

Insurance Financial Services Compliance Retail

The aftermath of an incident – why keeping records of data breaches and privacy incidents matters

Data Protection Report

JUNE 14, 2022

As privacy incidents and security breaches involving personal information become increasingly frequent, organizations are more and more aware of the importance of implementing a robust privacy program to mitigate the risks and impacts of such incidents. Legal Obligations. Procedural Considerations.

Privacy

Privacy Data breaches Compliance Financial Services

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. Like an incident response plan, MFA has become a critical element of cybersecurity programs. The post U.S.

Cybersecurity

Cybersecurity Financial Services Authentication Government

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy

Privacy GDPR Data breaches Risk

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud

Cloud Financial Services Compliance Digital transformation

CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input

Hunton Privacy

FEBRUARY 7, 2023

As the nature of digital assets continues to evolve and develop, it is imperative that data privacy issues are considered and addressed in tandem with the development of financial services policy and regulation to ensure a coherent, comprehensive and practical regulatory approach that can support a trusted, open, innovative and competitive market.

Data Privacy

Data Privacy Blockchain Compliance Privacy

U.S. Office of the Comptroller of the Currency Finalizes Fair Access Requirements

Data Matters

JANUARY 20, 2021

Office of the Comptroller of the Currency (OCC) issued its controversial final rule (Rule) 1 to establish a new requirement for covered banks to provide “fair access” to financial services to both natural persons and legal entities. 3) not deny, in coordination with others, any person a financial service the covered bank offers.

Access

Access Financial Services Marketing Risk

Improve your data relationships with third parties

Collibra

FEBRUARY 11, 2020

Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. For example, FinTech and RegTech companies are very interested in working with companies that have a strong framework for managing data, including personal data. .

Financial Services

Financial Services Digital transformation Personal data Compliance

Capital Markets, AI, and the need for governance

Collibra

OCTOBER 31, 2023

With every financial services organization focused on making better and faster decisions, data professional and business leaders are eager to better understand how AI can facilitate their strategic goals. Financial services orgs, especially those in capital markets, frequently has been on the forefront of generative AI investment.

Marketing

Marketing Government Financial Services Artificial Intelligence

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. The authority claimed a violation of data minimisation and privacy by design principles under the EU General Data Protection Regulation (GDPR). . Why should this be a high priority project?

Privacy

Privacy Compliance Personal data Risk

What can AI and generative AI do for governments?

IBM Big Data Hub

SEPTEMBER 20, 2023

When implemented in a responsible way—where the technology is fully governed, privacy is protected and decision making is transparent and explainable—AI has the power to usher in a new era of government services. AI’s value is not limited to advances in industry and consumer products alone.

Government

Government Artificial Intelligence Privacy Digital transformation

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy

Privacy GDPR Data breaches Risk

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

EU-U.S. Privacy Shield Passes Its Third Annual Review

HL Chronicle of Data Protection

OCTOBER 25, 2019

Privacy Shield. continues to provide an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S. The EU-US Privacy Shield is reviewed on a yearly basis, to assess that it continues to ensure an adequate level of protection of personal data. Background.

Privacy

Privacy IT Personal data Financial Services

The Best Memberships for Information Professionals

AIIM

MAY 19, 2020

Or maybe into privacy? For example, the U.S. financial services sector is different in practice than RM for a law firm, or a Canadian municipal government, or a multinational energy firm. International Association of Privacy Professionals (IAPP). Examples in the U.S. You should!)

Records Management

Records Management Privacy Government Information governance

Navigating the digital wave: Understanding DORA and the role of confidential computing

IBM Big Data Hub

FEBRUARY 5, 2024

The Digital Operational Resilience Act (DORA) marks a significant milestone in the European Union’s (EU) efforts to bolster the operational resilience of the financial sector in the digital age. Ensuring end-to-end Protection To achieve total data privacy assurance, a key component is confidential computing and cryptography.

Encryption

Encryption Data Privacy Compliance Cloud

Rohit Chopra Confirmed as CFPB Director; Historically Active Enforcement and Regulatory Regime Begins

Data Matters

OCTOBER 1, 2021

For example, we assess the business and reputational consequences associated with acquisitions of loan portfolios and institutions subject to the CFPB’s jurisdiction. Consumer financial services providers need to be aware of, and in compliance with, state consumer financial laws in addition to federal consumer financial laws.

Financial Services

Financial Services Compliance Risk Privacy

New Anti Anti-Money Laundering Services for Crooks

Krebs on Security

AUGUST 13, 2021

Come check out Antinalysis, the new address risk analyzer,” reads the service’s announcement, pointing to a link only accessible via ToR. “To date, this type of analysis has been used primarily by regulated financial service providers.” ” That may not be entirely true.

Blockchain

Blockchain Analytics Marketing Ransomware

California Consumer Privacy Act: The Challenge Ahead – The Interplay Between the CCPA and Financial Institutions

HL Chronicle of Data Protection

DECEMBER 7, 2018

This is the ninth installment in Hogan Lovells’ series on the California Consumer Privacy Act. It does not exempt financial institutions altogether from its requirements where a financial information is processing information not subject to these regimes. The Privacy Rule provides examples of a “consumer” (12 C.F.R.

Privacy

Privacy Financial Services Compliance Data breaches

The U.S. Office of the Comptroller of the Currency Seeks Comment on Digital Innovation by Banks

Data Matters

JUNE 12, 2020

The ANPR also focuses on critical new technologies such as distributed ledgers and artificial intelligence, asking, for example: “What types of activities related to cryptocurrencies or cryptoassets are financial services companies or bank customers engaged? Comments are due by August 3, 2020. The post The U.S.

Artificial Intelligence

Artificial Intelligence Blockchain Financial Services Computer and Electronics

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

IBM Big Data Hub

JANUARY 10, 2024

This unique capability is designed for workloads that have strong data sovereignty, regulatory or data privacy requirements. This is designed to enable multiple use cases in the healthcare industry, one being secure multi-party collaboration between different institutions as shown in the following example.

Security

Security Cloud Data Privacy Financial Services

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

eSecurity Planet

FEBRUARY 26, 2024

This typically happens on dynamic web pages, which frequently change or can be actively manipulated by users (for example, a search bar where users can type queries). Users don’t know the code on the financial services web page is malicious because it looks legitimate, and they continue using it until it’s exposed.

Risk

Risk Financial Services Security Libraries

FFIEC Guidance on Authentication and Access to Financial Institution Services and Systems

Data Matters

AUGUST 17, 2021

On August 11, 2021, the Federal Financial Institutions Examination Council (FFIEC)1 issued guidance establishing risk management principles and practices to support the authentication of users accessing a financial institution’s information systems and customers accessing a financial institution’s digital banking services (the Guidance).

Authentication

Authentication Access Risk Financial Services

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

The Last Watchdog

SEPTEMBER 21, 2018

Poor configuration of cloud services can translate into gaping vulnerabilities—and low hanging fruit for hackers, the recent Tesla hack being a prime example. Compliance with existing and fresh data security and privacy rules and regulations is another variable driving companies to start introducing SecOps into their workflow.

Cloud

Cloud Security Mining Financial Services

The compliance challenges of hybrid working

IT Governance

AUGUST 26, 2021

Protecting employees’ privacy. For example, financial services firms may be worried about employees breaching insider trading laws. Although monitoring software comes with understandable privacy issues, remember that the GDPR (General Data Protection Regulation) doesn’t prohibit their use. Preventing data breaches.

Compliance

Compliance Data breaches Privacy Risk

News Alert: W3C advances technology to streamline payment authentication

The Last Watchdog

JUNE 15, 2023

for example, Microsoft merchant experiences with SCA under PSD2 ). W3C works on ensuring that all foundational Web technologies meet the needs of civil society, in areas such as accessibility, internationalization, security, and privacy.

Authentication

Authentication Communications Financial Services Retail

How AI is helping companies meet sustainability goals

IBM Big Data Hub

JULY 26, 2023

If we think about asset maintenance, for example, the questions are which technicians are available, where, and how should their work be prioritized. This use case shows how AI can help by processing unstructured image and video data in addition to structured data in the previous examples. It’s not about minimizing travel.

Energy and Utilities

Energy and Utilities Agriculture Manufacturing Risk

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

AIIM

JANUARY 10, 2019

A potentially problematic challenge for industry and legislators is the apparent tension between privacy rights and the rapid adoption of blockchain-based applications which are expected to reach $10.6 There is a school of thought that blockchain is antithetical to and incompatible with safeguarding privacy rights.

Blockchain

Blockchain GDPR Privacy Personal data

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

Note that the only difference between the two examples is the addition of IP addresses. These agreements would include not only sending covered data for storage to a company headquartered in a country of concern but also: Example 20. Example 22. Will there be some exempt financial transactions? patients. person users.

Access

Access Military Compliance Personal data

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

DLA Piper Privacy Matters

APRIL 20, 2021

This introduces a data lifecycle security framework, and represents the key guideline for handling personal and other financial information by financial institutions (i.e. similar to the PIS Specification, but focused on the banking and financial services industry). Level 1: public data. are fulfilled.

Compliance

Compliance Security Financial Services Data collection

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Data Matters

DECEMBER 4, 2019

However, because of the potential to facilitate near-instant messaging, clearing and settlement, blockchain and cryptoassets have a particularly promising potential in a financial services context. 7 For example, of the type hypothesized by Ian Grigg (i.e., See paragraph 105. 3 Legal Statement at paragraph 103. See [link].

Blockchain

Blockchain Financial Services Healthcare Marketing

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Data Matters

DECEMBER 4, 2019

However, because of the potential to facilitate near-instant messaging, clearing and settlement, blockchain and cryptoassets have a particularly promising potential in a financial services context. 7 For example, of the type hypothesized by Ian Grigg (i.e., See paragraph 105. 3 Legal Statement at paragraph 103. See [link].

Blockchain

Blockchain Financial Services Healthcare Marketing

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

DECEMBER 23, 2019

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. The authority claimed a violation of data minimisation and privacy by design principles under the EU General Data Protection Regulation (GDPR). . Why should this be a high priority project?

Privacy

Privacy Compliance Personal data Risk

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

JULY 5, 2023

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. The new MFA requirements, for example, would be subject to the two-year transition period.

Cybersecurity

Cybersecurity IT Compliance Financial Services

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

AIIM

OCTOBER 15, 2018

In North America, e-signatures are based on multiple authentication aspects with a focus on knowledge-based authentication which cannot be applied in EU due to much stricter privacy regulations. Allianz – a global financial services and insurance company – is one of those organizations which had to rethink their approach on e-signatures.

Compliance

Compliance Insurance Digital transformation Authentication

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

Certain sectors, such as banking, financial services, health, and insurance have their own data protection and privacy requirements. Enforcement of the Laws : The enforcement has been primarily focused on consumer or non-financial employee data (e.g., 4 Consumer Protection Privacy Act. 6 Colorado Privacy Act.

Personal data

Personal data GDPR Privacy Records Management

Top financial services trends of 2024

Big California Privacy News: Legislative and Enforcement Updates

Webinars

Trending Sources

Security Compliance & Data Privacy Regulations

Webinars

Summary – “Industry in One: Financial Services”

New York State Department of Financial Services Challenges OCC Authority on Fintech Charters

IBM Cloud delivers enterprise sovereign cloud capabilities

The aftermath of an incident – business considerations surrounding record-keeping

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting

The aftermath of an incident – why keeping records of data breaches and privacy incidents matters

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

The Privacy Officers’ New Year’s Resolutions

5 things to know: Driving innovation with AI and hybrid cloud in the year ahead

CIPL Responds to UK Digital Regulation Cooperation Forum (DRCF) Workplan 2023 to 2024 Call for Input

U.S. Office of the Comptroller of the Currency Finalizes Fair Access Requirements

Improve your data relationships with third parties

Capital Markets, AI, and the need for governance

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

What can AI and generative AI do for governments?

The Privacy Officers’ New Year’s Resolutions

Privacy and Cybersecurity Top 10 for 2018

EU-U.S. Privacy Shield Passes Its Third Annual Review

The Best Memberships for Information Professionals

Navigating the digital wave: Understanding DORA and the role of confidential computing

Rohit Chopra Confirmed as CFPB Director; Historically Active Enforcement and Regulatory Regime Begins

New Anti Anti-Money Laundering Services for Crooks

California Consumer Privacy Act: The Challenge Ahead – The Interplay Between the CCPA and Financial Institutions

The U.S. Office of the Comptroller of the Currency Seeks Comment on Digital Innovation by Banks

Confidential Containers with Red Hat OpenShift Container Platform and IBM® Secure Execution for Linux

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

FFIEC Guidance on Authentication and Access to Financial Institution Services and Systems

MY TAKE: Here’s why we need ‘SecOps’ to help secure ‘Cloud Native’ companiess

The compliance challenges of hybrid working

News Alert: W3C advances technology to streamline payment authentication

How AI is helping companies meet sustainability goals

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

China: Navigating China episode 16: New data lifecycle guidelines for financial institutions in China – detailed assessments, additional security measures and some data localisation introduced

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Identifying E-signature Requirements to Accelerate Digital Adoption and Meet Global Compliance

The Impact of Data Protection Laws on Your Records Retention Schedule

Stay Connected