Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 52

Privacy GDPR Data breaches Risk 52

Hunton Privacy

JULY 12, 2021

On June 30, 2021, the New York State Department of Financial Services (“NYDFS,” the “Department”) issued guidance to all New York state regulated entities on ransomware (the “Guidance”), identifying controls it expects regulated companies to implement whenever possible.

Ransomware 102

Ransomware Security Financial Services Cybersecurity 102

HL Chronicle of Data Protection

APRIL 1, 2019

The groundbreaking California Consumer Privacy Act (CCPA) takes effect on January 1, 2020, and companies are already working on compliance. Join members of the Hogan Lovells Privacy and Cybersecurity team for our CCPA now program, a valuable opportunity to explore the questions that you need to address now in order to be ready.

Sales 40

Sales Financial Services Privacy Compliance 40

ARMA International

APRIL 18, 2022

Certain sectors, such as banking, financial services, health, and insurance have their own data protection and privacy requirements. A data subject request is an action by an individual to exercise that right, and the organization has an obligation to respond to that request 10 11. 4 Consumer Protection Privacy Act.

Personal data 100

Personal data GDPR Privacy Records Management 100

HL Chronicle of Data Protection

MARCH 16, 2020

On Tuesday, 3 March 2020, we welcomed our financial services clients in London to a lively panel event, which covered the multitude of issues which arise in a cybersecurity incident. The incident response plan should be tested in tabletop exercises involving the individuals and teams who would be involved in a real-world incident.

Cybersecurity 59

Cybersecurity Financial Services Risk Insurance 59

Data Protection Report

SEPTEMBER 28, 2021

Depending on the activity in question, organisations would have to consider how disapplying the balancing test would work in light of a request to exercise those rights which require reconsidering the legitimate interest. Compliance program. Complaints and DSARs. The Government takes a three pronged approach to complaints from individuals.

Government 120

Government FOIA GDPR Compliance 120

IBM Big Data Hub

JULY 11, 2023

Vertical data platforms owned and operated by telcos and targeting a specific industry such as automotive, agriculture or financial services already exist today. Data owners therefore should be incentivized to share their generated/owned data to drive further value for the ecosystem and be able to do so whilst preserving privacy.

IoT 55

IoT Artificial Intelligence Agriculture Blockchain 55

Data Matters

FEBRUARY 12, 2019

When California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law on June 28, 2018, there was broad agreement that revisions and clarifications were necessary. Definition of Unique Identifiers. Updating as needed the definition of unique identifiers. Exceptions. Safe Harbors and Concrete Guidance.

Sales 74

Sales Privacy Data Privacy Compliance 74

Hunton Privacy

AUGUST 8, 2012

Earlier this year, the Consumer Financial Protection Bureau (“CFPB”) published a Bulletin signaling its intent to regulate and exercise enforcement authority over service providers to financial institutions.

Financial Services 40

Financial Services Compliance Privacy IT 40

Hunton Privacy

AUGUST 15, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) posted proposed amendments (“Proposed Amendments”) to its Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulations”).

Financial Services 55

Financial Services Cybersecurity Risk Passwords 55

Data Matters

SEPTEMBER 24, 2019

Today, more than 120 countries have privacy and data protection laws or regulations in place. This comprehensive data privacy law wave has already reached parts of Latin America and the Caribbean. Data privacy officer. The BDPA was passed by the BDPA on July 24, 2019 and now awaits the Governor-General’s signature.

Personal data 68

Personal data GDPR Data Privacy Privacy 68

Data Matters

SEPTEMBER 20, 2018

Office of the Comptroller of the Currency (OCC) announced its decision (the Fintech Charter Decision) to begin accepting applications from financial technology (fintech) companies for special purpose national bank charters. The Fintech Charter Decision is discussed in greater detail in a prior Sidley Banking and Financial Services Update.

Financial Services 68

Financial Services Paper Marketing Privacy 68

Data Protection Report

JANUARY 30, 2023

Late December and early January tend to be a busy time for everyone, so you may have missed a privacy update or two during that time. the identity of Affiliates, Processors, or Third-Parties Personal Data is shared with f. methods by which Consumers can exercise their Data Rights request; or g. Processing purposes.

Privacy 114

Privacy Cybersecurity Personal data Insurance 114

HL Chronicle of Data Protection

MAY 13, 2019

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

DLA Piper Privacy Matters

OCTOBER 16, 2019

Drafting BCRs, obtaining approval and implementing are time-consuming, but completing this exercise serves as a stamp of quality and accountability. There are several reasons why multinationals are choosing to adopt BCRs with greater frequency: Gold plating your data protection compliance programme.

GDPR 40

GDPR Personal data Marketing Healthcare 40

Hunton Privacy

FEBRUARY 12, 2013

On January 17, 2013, Mexico’s Ministry of Economy published its Lineamientos del Aviso de Privacidad (in Spanish) (“Privacy Notice Guidelines” or “Guidelines”), which it prepared in collaboration with the Mexican data protection authority. Privacy Notice Requirements.

Privacy 40

Privacy Personal data Data collection Financial Services 40

DLA Piper Privacy Matters

JULY 22, 2021

Every financial services organisation will have been subject to a DSAR in order to obtain information as a pre-cursor to a claim against them for mis-selling a service or breaching an agreement in some way. This allows for restrictions on the right of access: “ where the restrictions are necessary and proportionate ….

Access 119

Access Personal data GDPR Financial Services 119

IBM Big Data Hub

OCTOBER 16, 2023

Data sovereignty addresses legal, privacy, security and governance concerns associated with the storage, processing and transfer of data. The focus is on the ability to exercise control, make decisions and enforce legal and regulatory obligations related to the data, regardless of its physical location.

Cloud 73

Cloud Compliance Data Privacy Privacy 73

Data Matters

JUNE 24, 2022

The definition generally includes three elements for determining whether a person is an investment adviser: (i) The person provides advice, or issues analyses or reports, concerning securities; (ii) the person is in the business of providing such services; and (iii) the person provides such services for compensation.

Marketing 88

Marketing Financial Services Analytics Sales 88

DLA Piper Privacy Matters

MARCH 4, 2021

In reviewing the answers to these and further queries, the DPC noted that organisations must be able to demonstrate effective and real exercise of management activities in Ireland that determine the main decisions as to the purposes and means of processing through stable arrangements. Financial Services Sector Focus.

GDPR 105

GDPR Compliance Data breaches Marketing 105

Data Protection Report

DECEMBER 17, 2020

The Data Strategy proposed the establishment of nine common European data spaces for data sharing and pooling, including health, mobility, manufacturing, financial services, energy, and agriculture. The EC’s Data Strategy sets out a vision of common European data spaces, a Single Market for data.

Government 101

Government Personal data Marketing Artificial Intelligence 101

Reltio

JULY 10, 2019

The solely IT-driven ones are more likely to be a plumbing exercise – more about pulling data together and feeding it somewhere else. Data privacy is coming up more and more beyond just GDPR. Most importantly there is a level or urgency involved in evolving the solution.

MDM 40

MDM Sales Digital transformation Cloud 40

ForAllSecure

JANUARY 19, 2022

As an American, I marvel at this idea that someone might be interested in protecting my right to privacy online, and that if something were to happen, there’s a non-governmental agency set up to help. And I think it is an exercise, pretty fun to look at those credentials. Vamosi: The ICO is a site in the U.K. Information rights.

Passwords 52

Passwords Authentication Access Data breaches 52

Data Matters

MAY 17, 2022

Like an incident response plan, MFA has become a critical element of cybersecurity programs, as recent regulations from the New York Department of Financial Services and the Federal Trade Commission, among others, reflect. Create, maintain, and exercise a cyber incident response plan. Press Release No. 18-1452 , Dep’t of Just.,

Cybersecurity 97

Cybersecurity Government Authentication Ransomware 97

AIIM

JANUARY 10, 2019

A potentially problematic challenge for industry and legislators is the apparent tension between privacy rights and the rapid adoption of blockchain-based applications which are expected to reach $10.6 There is a school of thought that blockchain is antithetical to and incompatible with safeguarding privacy rights.

Blockchain 115

Blockchain GDPR Privacy Personal data 115

Data Matters

JANUARY 20, 2021

Office of the Comptroller of the Currency (OCC) issued its controversial final rule (Rule) 1 to establish a new requirement for covered banks to provide “fair access” to financial services to both natural persons and legal entities. 3) not deny, in coordination with others, any person a financial service the covered bank offers.

Access 68

Access Financial Services Marketing Risk 68

Hunton Privacy

NOVEMBER 12, 2012

federal privacy, data security and breach notice legislation? House of Representatives have jurisdictional claims to privacy, data security and breach notice legislation: Energy & Commerce, Financial Services and Judiciary. Reporting from Washington, D.C., What are the consequences of the 2012 election on U.S.

Privacy 40

Privacy Security Financial Services Manufacturing 40