Exercises, Information Security, Insurance and Privacy

Exercises

Information Security

Insurance

Privacy

California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

Hunton Privacy

SEPTEMBER 1, 2020

Not disclosing, subject to specified exceptions, a consumer’s genetic data to certain entities ( e.g. , those responsible for making decisions regarding health insurance, life insurance or employment). Violations of the Act are subject to civil penalties. Department of Health and Human Services pursuant to HIPAA and the HITECH Act.

Privacy

Privacy Insurance Marketing Information governance

California Legislature Passes Bill Regulating Data Brokers

Hunton Privacy

SEPTEMBER 21, 2023

The Act aims to close a loophole in the California Consumer Privacy Act (“CCPA”) that allows consumers to request that data brokers delete personal information obtained directly from the consumer, but does not require data brokers to delete personal information obtained from other sources.

Insurance

Insurance Personal data Sales Compliance

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

The stolen information allegedly included names and identifying information, hashed passwords, security questions and answers, family information, Social Security numbers, lab results, health insurance information, doctor’s names, and medical conditions, among other things.

Data breaches

Data breaches Computer and Electronics Security Insurance

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Create, Maintain, and Exercise a Cyber Incident Response, Resilience, and Continuity of Operations Plan. Prominent examples include the NY DFS Cyber Regulations , California Consumer Privacy Act (“CCPA”) , NY SHIELD Act , Massachusetts data security law , and the numerous Insurance Data Security laws. The post U.S.

Cybersecurity

Cybersecurity Financial Services Authentication Government

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

This is the 11th post in a series on privacy by Andrew Pery. Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. Privacy by Design: The Intersection of Law and Technology. Want more information?

GDPR

GDPR Compliance Privacy Data Privacy

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

Be in-line with insurance policies. Be in-line with insurance policies. Insurance policies can also heavily influence how we respond to an incident—particularly cybersecurity. Some policies require initial contact to be made with an insurer who will deploy their own incident response team. Document contingencies.

Insurance

Insurance Ransomware Data breaches Cloud

FBI: Millions in Losses resulted from attacks against Healthcare payment processors

Security Affairs

SEPTEMBER 15, 2022

Advise all employees to exercise caution while revealing sensitive information such as login credentials through phone or web communications. Employees should conduct requests for sensitive information through approved secondary channels. Mitigate vulnerabilities related to third-party vendors.

Passwords

Passwords Phishing Authentication Communications

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

We have shared below some interesting points that we’ve seen arising recently, all of which relate to how things are likely to develop from today onwards, including enforcement predictions, challenges related to operationalizing data subject access procedures, and how the GDPR may change the data privacy litigation landscape in Europe.

GDPR

GDPR Personal data Compliance Data breaches

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

At present, these include data users in the communications, banking and finance, insurance, health care, tourism and hospitality, transportation, education, direct sales, services, real estate and utilities sectors. The law allows the Minister to designate classes of data users who must register their data processing activities.

Personal data

Personal data Marketing Communications Insurance

Cybersecurity Management Lessons from Healthcare Woes

eSecurity Planet

MAY 30, 2024

million patient’s information caused by a third party tracker installed on the Kaiser patient portal. Jeremy Nichols, NTT Security Holdings Director, Global Threat Intelligence Center, recommends that “healthcare providers need to strongly assess supply chain providers, third party integrations, and customer and insurance web portals.

Cybersecurity

Cybersecurity Ransomware Data breaches Risk

The Road to Zero Trust

Thales Cloud Protection & Licensing

APRIL 21, 2021

The path to a Zero Trust posture is not linear, and the tall claims by security vendors often cloud the decision-making. We have asked leading information security professionals what the challenges are for organizations to achieve Zero Trust. Jackson, Senior Privacy Subject Matter Expert. Here is what they told us.

Risk

Risk Cloud Digital transformation Encryption

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Penetration testing : Tests security controls to verify correct implementation, detect vulnerabilities, and confirm adequate security controls for risk reduction goals. Defense in Depth Defense in depth assumes that any single security control may fail. Economic Design Economic design improves the effectiveness of controls.

Security

Security Cloud Cybersecurity Risk

A new era for customer data – could security be ‘the new green’ for businesses?

Thales Cloud Protection & Licensing

OCTOBER 10, 2018

Think TV licenses and car insurance, for example. There has never been more public awareness around the importance of data security – between the Cambridge Analytica scandal and hundreds of GDPR ‘opt-out’ notifications – the topic has been on our front pages and at the top of our inboxes for a while.

GDPR

GDPR Security Marketing Data breaches

Information Management Today

California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

California Legislature Passes Bill Regulating Data Brokers

Trending Sources

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

How to Develop an Incident Response Plan

FBI: Millions in Losses resulted from attacks against Healthcare payment processors

GDPR is upon us: are you ready for what comes next?

Malaysian Data Protection Law Takes Effect

Cybersecurity Management Lessons from Healthcare Woes

The Road to Zero Trust

Network Security Architecture: Best Practices & Tools

A new era for customer data – could security be ‘the new green’ for businesses?

Stay Connected