Data Protection Report

SEPTEMBER 28, 2021

On 10 September 2021, the UK Government published its consultation paper on proposals to reform the UK’s data protection regime. On legitimate interests, the Government proposes disapplying the legitimate interest balancing test for certain activities. The deadline for responding to the consultation is 19 November 2021.

Government 120

Government FOIA GDPR Compliance 120

Data Protection Report

DECEMBER 23, 2019

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. The authority claimed a violation of data minimisation and privacy by design principles under the EU General Data Protection Regulation (GDPR). . Why should this be a high priority project?

Privacy 144

Privacy Compliance Personal data Risk 144

Data Protection Report

AUGUST 2, 2022

In our previous publication , we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries.

Compliance 137

Compliance Privacy Risk Financial Services 137

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud 72

Cloud Financial Services Compliance Digital transformation 72

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 84

Privacy GDPR Data breaches Risk 84

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. IT governance and security. Financial reporting compliance. Privacy governance and management. Audit management.

Compliance 57

Compliance Risk Government Retail 57

Security Affairs

JUNE 20, 2023

Data sovereignty also encompasses the rights and regulations governing data storage, processing, and transfer and often intersects with privacy, security, and legal considerations. When data is sovereign, an organization retains control and ownership over that data.

Compliance 87

Compliance Cybersecurity Risk Encryption 87

Thales Cloud Protection & Licensing

DECEMBER 20, 2023

This development model enables enterprises to conduct model training and processing directly at the edge or on-premises. By moving computation and model training to the edge, organizations can train their models locally without uploading datasets to hyperscalers or relying on foundational models.

Cybersecurity 83

Cybersecurity Blockchain Artificial Intelligence Encryption 83

IBM Big Data Hub

JANUARY 10, 2024

This unique capability is designed for workloads that have strong data sovereignty, regulatory or data privacy requirements. Protecting the confidentiality of proprietary algorithms and sensitive training data is crucial. As such, confidential containers play a key role across industries engineered to secure data and foster innovation.

Security 79

Security Cloud Data Privacy Financial Services 79

Data Protection Report

DECEMBER 23, 2019

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. The authority claimed a violation of data minimisation and privacy by design principles under the EU General Data Protection Regulation (GDPR). . Why should this be a high priority project?

Privacy 52

Privacy Compliance Personal data Risk 52

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Data Protection Report

NOVEMBER 16, 2022

2022 has been a record year for Illinois Biometric Information Privacy Act (“BIPA”) litigation. Since its enactment in 2008, BIPA has been one of the most litigated privacy-related laws with some of the highest penalties. Department of Education’s Federal Student Aid Program are “financial institutions” governed by GLBA.

Financial Services 98

Financial Services Privacy Compliance Insurance 98

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 52

Privacy GDPR Data breaches Risk 52

IT Governance

AUGUST 26, 2021

Protecting employees’ privacy. For example, financial services firms may be worried about employees breaching insider trading laws. Although monitoring software comes with understandable privacy issues, remember that the GDPR (General Data Protection Regulation) doesn’t prohibit their use. Preventing data breaches.

Compliance 119

Compliance Data breaches Privacy Risk 119

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. Companies should consider implementing training processes to ensure that information security personnel understand cybersecurity disclosure requirements, especially as stated in the Guidance.

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

Collibra

OCTOBER 31, 2023

With every financial services organization focused on making better and faster decisions, data professional and business leaders are eager to better understand how AI can facilitate their strategic goals. Financial services orgs, especially those in capital markets, frequently has been on the forefront of generative AI investment.

Marketing 88

Marketing Government Financial Services Artificial Intelligence 88

KnowBe4

FEBRUARY 14, 2023

This means you have a bunch of users that unwittingly follow a set of unusual and unnecessary clicks that they should know better than to follow – something they learn very quickly if they are enrolled in new-school security awareness training. Blog post with links: [link] Are Your Users Making Risky Security Mistakes?

Phishing 86

Phishing Security awareness Compliance Risk 86

eSecurity Planet

SEPTEMBER 10, 2021

Train your staff. To prevent hackers from getting their hands on access credentials for cloud computing tools, organizations should train all workers on how to spot cybersecurity threats and how to respond to them. Perhaps most importantly, cloud security training should help employees understand the inherent risk of shadow IT.

Cloud 116

Cloud Security Encryption Risk 116

ARMA International

DECEMBER 26, 2019

Government topped the list of vertical industries at 23%. in 2017), with the remainder reporting into senior administrative roles, compliance, corporate services, or finance teams. in 2017), with the remainder reporting into senior administrative roles, compliance, corporate services, or finance teams.

Content services 76

Content services Cloud Records Management Privacy 76

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. Third-party governance. IT governance and security. Financial reporting compliance. Privacy governance and management. Audit management.

Compliance 67

Compliance Risk Government Retail 67

Data Matters

AUGUST 5, 2019

Together, the new laws require the implementation of reasonable data security safeguards, expand breach reporting obligations for certain types of information, and require that a “consumer credit reporting agency” that suffers a data breach provide five years of identity theft prevention services for impacted residents.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

HL Chronicle of Data Protection

MARCH 14, 2019

The Federal Trade Commission (“FTC”) issued notices on March 5 seeking public comment on proposed amendments to the regulations implementing the Gramm-Leach-Bliley Act (“GLBA”), commonly known as the Safeguards Rule and Privacy Rule. Employee training. Proposed Changes to the Privacy Rule. Board reporting.

Privacy 40

Privacy Risk Cybersecurity Information Security 40

Hunton Privacy

DECEMBER 11, 2014

On December 10, 2014, the New York State Department of Financial Services (the “Department”) announced that it issued an industry guidance letter to all Department-regulated banking institutions that formally introduces the Department’s new cybersecurity preparedness assessment process.

Cybersecurity 40

Cybersecurity Financial Services Insurance Information Security 40

Hunton Privacy

AUGUST 15, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) posted proposed amendments (“Proposed Amendments”) to its Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulations”). As part of the “training and monitoring” requirements under Section 500.14

Financial Services 55

Financial Services Cybersecurity Risk Passwords 55

eSecurity Planet

AUGUST 10, 2023

FBI InfraGard Best for critical infrastructure security InfraGard is a threat intelligence feed and network partnership between the FBI and other government agencies and interested private sector parties. Email Address By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. critical infrastructure.

Cybersecurity 83

Cybersecurity Access Metadata Energy and Utilities 83

CGI

MAY 26, 2016

Overlapping SEC and FINRA cybersecurity-related requirements target the following areas: Governance and risk assessment. The NIST Framework reflects the recommendations of hundreds of businesses and government organizations. Impacted areas. Access rights, controls and confidentiality. Data loss prevention. Vendor management.

Cybersecurity 40

Cybersecurity Risk Financial Services Compliance 40

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. billion were made under property/casualty policies that were silent about cyber risks.

Insurance 70

Insurance Cybersecurity Risk Education 70

DLA Piper Privacy Matters

APRIL 2, 2020

Awareness and Training. Various laws and best practices speak of the need to train network users on the latest security best practices. Governments and cybersecurity experts are reporting a surge in COVID-19-related phishing activity. The views expressed below do not constitute legal advice. The path forward.

Cybersecurity 52

Cybersecurity Phishing Authentication Access 52

DLA Piper Privacy Matters

JULY 30, 2019

Beyond data breach notification laws relating to personal information, the covered entity and service provider’s rights and obligations relating to cyber incidents are often defined by contract. At least nine states expressly extend these requirements to service providers. Proof of adequate cyber insurance coverage.

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

IT Governance

JANUARY 16, 2024

GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St. Source (New) Real estate USA Yes 10 GB Unitex Source (New) Manufacturing USA Yes 9.5 Under the GDPR, it must be as easy to withdraw your consent as it is to give it.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

eDiscovery Daily

OCTOBER 21, 2019

Join us to hear examples of failures by a major medical center, a major financial institution, a large federal government agency, and a noted presidential advisor. Have we lost the battles over data privacy and data protection with our data exposed for all to see? Is more evidence a bad thing?

e-Discovery 45

e-Discovery e-Delivery GDPR Education 45

IT Governance

JANUARY 23, 2024

The first chapter covers the lawful basis for training generative AI models on web-scraped data and is open until 1 March. Australian government sets out risk-based system to respond to AI The Australian government has launched its plan to respond to the rise in AI, using a risk-based system to impose proportionate controls on its use.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IBM Big Data Hub

FEBRUARY 8, 2023

Organizations need to protect individuals’ privacy and build trust. This necessitates the detection of bias during data acquisition, building, training, deploying and monitoring models. AI requires AI governance , not after the fact but baked into AI strategy of your organization. So what is AI governance?

Artificial Intelligence 52

Artificial Intelligence Compliance Analytics Government 52

The Last Watchdog

MAY 1, 2019

Related: Why diversity in training is a good thing. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity. People tend to be very resistant to training,” Bastable told me. How much better? But as soon as you stop, the number quickly goes back up.”

Phishing 166

Phishing Financial Services Manufacturing Education 166

DLA Piper Privacy Matters

APRIL 26, 2021

Testing: Any data sets used to support training, validation and testing must be subject to appropriate data governance and management practices and must be relevant, representative, free of errors and complete and have the appropriate statistical properties to support the system use. Governance, enforcements and sanctions .

Artificial Intelligence 114

Artificial Intelligence Risk Marketing GDPR 114