Perficient Data & Analytics

JULY 2, 2019

My previous blog post addresses the reasons for the regulation and the requirements associated with the New York State Department of Financial Services (NYDFS) 23 NYCRR 500. In this blog, I am addressing the General Data Protection Regulation (GDPR) and all the regulations that come with it. The General Data Protection Regulation (GDPR) is a European Union (EU) regulation on data protection and privacy for all individuals within the EU. Data Protection Officer.

Financial Services 40

Financial Services Data Privacy GDPR Personal data 40

Perficient Data & Analytics

JULY 16, 2019

My previous blog focused on addressing the General Data Protection Regulation (GDPR) and all the regulations that came with it. In my final post of this series, I want to outline the actions you can take to remain proactive with data privacy laws surrounding NYDFS 500 and GDPR. Companies will need to navigate the interconnected pieces of their organization, understand the history and lifecycle of their data, and work closely with regulators to ensure a successful outcome.

Financial Services 43

Financial Services GDPR Cybersecurity Data breaches 43

Hunton Privacy

APRIL 22, 2020

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

Financial Services 65

Financial Services Risk Phishing Authentication 65

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. First American Financial Corp. First American’s stock price fell more than 6 percent the day after news of their data leak was published here.

Financial Services 199

Financial Services Insurance Mining Access 199

OpenText Information Management

DECEMBER 4, 2019

Last year, the number of personal records exposed by cyber attacks on the financial services industry was an incredible 446,575,334 – more than triple from the year before. The financial and reputational damage from these data breaches can be immense.

Financial Services 52

Financial Services Security Insurance Personal data 52

Hunton Privacy

OCTOBER 17, 2012

On October 15, 2012, the Singapore Parliament passed the Personal Data Protection Act 2012. The new law will apply only to data processing in the private sector as data processing by public agencies (or organizations acting on behalf of public agencies) are already subject to internal government rules. In addition, the bill does not impose a generally applicable data breach notification requirement. New Personal Data Protection Commission.

Personal data 43

Personal data Financial Services Data breaches Data Privacy 43

InfoGoTo

MARCH 30, 2020

For mortgage lending and other financial services work, security issues can be particularly challenging. Mortgage files contain sensitive personal data. Financial Services COVID-19 interest rates low interest rates remote work

Communications 68

Communications Computer and Electronics Personal data Privacy 68

Collibra

FEBRUARY 11, 2020

Seizing an opportunity to improve data relationships with third parties. Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed.

Digital transformation 56

Digital transformation Personal data Compliance Cybersecurity 56

IT Governance

APRIL 2, 2019

The organisation hired a data protection consultant for advice , and ran its plan past an independent data protection solicitor. . The ICO’s d irector of i nvestigations and i ntelligence , Andy White , said : “Spam email uses people ’ s personal data unlawfully, filling up their inboxes and promoting products and services which they don’t necessarily want. . “We EU GDPR Financial Services Data management PECR

Marketing 58

Marketing Communications Personal data Compliance 58

Perficient Data & Analytics

OCTOBER 2, 2018

Document the process, data, and technical requirements. Customer personal data current state analysis. Changes to process and data flows. Consolidate the consumer personal data. Changes to data retention and deletion processes. Develop the approvals and workflows to manage customer personal data. Data security upgrades.

Compliance 40

Compliance Personal data Privacy Risk 40

Perficient Data & Analytics

NOVEMBER 13, 2018

Compliance with the CCPA requires robust processes for identifying, governing, distributing, and securing consumer personal information. The first steps are to document the current usage of this information: Data inventory: Generate lists of personal data related to clients, investors, employees, counter parties, prospects and other entities. Data policies: Review current policies to process, retain and delete data.

Compliance 40

Compliance Personal data Privacy Government 40

Hunton Privacy

MARCH 11, 2021

On March 3, 2020, the New York Department of Financial Services (“NYDFS”) announced it had entered into a settlement with Residential Mortgage Services, Inc. (“RMS”) Cybersecurity Enforcement Financial Privacy U.S.

Financial Services 63

Financial Services Data breaches Compliance Risk 63

Perficient Data & Analytics

OCTOBER 16, 2018

Compliance with the CCPA will be challenging because it represents major changes in how financial institutions conduct their business. DATA DISPERSION. Consumer personal data is often scattered across multiple internal platforms and shared with many third parties. Firms use consumer personal data to identify and qualify prospects, cross-sell and up-sell to existing customers, and create targeted outreach messages.

Personal data 40

Personal data Privacy Data breaches Financial Services 40

Perficient Data & Analytics

OCTOBER 30, 2018

The first step any financial institution must take in its response to the new CCPA law is to evaluate its exposure and current state of readiness. Analysis: Identification of critical process and data gaps, implementation or reinforcement of governance processes, documentation of requirements. Implementation: Technical services to consolidate customer data, develop governance and approval workflows, and make infrastructure upgrades. Perficient + Financial Services.

Insurance 40

Insurance Risk Privacy Government 40

Reltio

APRIL 25, 2019

How do you ensure security and privacy while personalizing the customer experience? Modern enterprise-wide customer data platforms with Customer 360 present a real-time single customer view to all the business teams to ensure consistent omnichannel customer experience. It is an ongoing activity, constantly responding to the changes in market and customer expectations, new products and services, and technology evolution. Ankur Gupta, Sr. Product Marketing Manager, Reltio.

Customer Experience 63

Customer Experience B2B B2C Paper 63

Reltio

AUGUST 16, 2018

On May 25, 2018 GDPR (General Data Protection Regulation) went into effect. The primary objectives of the GDPR are to give control back to their EU citizens and residents over their personal data, to simplify the regulatory environment for international business, and to unify regulations within the European Union. Consumer personal data collected within your company is often distributed to multiple systems and organizations, resulting in duplication.

GDPR 60

GDPR Personal data Customer Experience Data collection 60

HL Chronicle of Data Protection

MAY 13, 2019

Major data breaches in recent years are spurring state legislators and regulators across the US into action. For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance 40

Insurance Compliance Cybersecurity Risk 40

HL Chronicle of Data Protection

JULY 9, 2019

As companies continue to grapple with interpreting how the GDPR’s principles apply to their own businesses, in particular contexts, there is a growing need for data protection regulators to provide clarity on the practical application of the regulation. The ICO intends to use its own Sandbox to support organisations that are looking to use personal data in innovative ways through the use of new technologies and approaches.

Blockchain 40

Blockchain Financial Services Compliance Marketing 40

HL Chronicle of Data Protection

SEPTEMBER 12, 2018

privacy laws which generally focus on specific sectors or issues, the CCPA applies broadly to businesses that collect personal information about California residents and aims to create significant new consumer privacy rights. Effective immediately, the CCPA preempts local laws regulating the collection and sale of consumer personal information by businesses. Clinical trial data exception. The CCPA’s private right of action is limited to data breach violations.

Insurance 40

Insurance Financial Services Sales Privacy 40

Hunton Privacy

NOVEMBER 10, 2016

On November 9, 2016, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP and AvePoint released the results of a joint global survey launched in May 2016 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”). Telecommunication and technology companies were the most represented respondents, followed by insurance and financial services companies, as well as pharmaceutical and healthcare companies.

Healthcare 43

Healthcare Insurance GDPR Financial Services 43

DLA Piper Privacy Matters

JULY 22, 2021

As individuals become more aware of their rights under data protection law, data subject access requests ( DSARs ) are an increasingly frequent concern for organisations both large and small. Approach of the Irish Data Protection Commission.

Access 65

Access GDPR Personal data Financial Services 65

Data Protection Report

JULY 5, 2021

The European Commission (EC) signalled plans for a new Data Act, to be published in late 2021, in its February 2020 Data Strategy Communication. What is the objective of the possible Data Act? Lack of legal clarity on who can do what with data (for example, co-generated data).

B2B 82

B2B Manufacturing Cloud Access 82

DLA Piper Privacy Matters

JANUARY 29, 2019

NETHERLANDS: Dutch Data Protection Authority received record amount of data breach notifications in 2018. Earlier today, the Dutch Data Protection Authority ( Autoriteit Persoonsgegevens ) issued a press release stating that it received 20,881 notifications of data breaches in 2018. In comparison to 2017, the amount of data breach notifications has (more than) doubled.

Personal data 40

Personal data Financial Services Phishing IT 40

Data Matters

SEPTEMBER 24, 2019

*Jan Yves Remy is a former Sidley Austin Associate and now serves as the Deputy Director at Shridath Ramphal Centre for International Trade Law, Policy and Services at the University of the West Indies in Barbados. Today, more than 120 countries have privacy and data protection laws or regulations in place. Many of the new or modernized laws tend to be based on comprehensive legislation, rather than sectoral rules, as data needs to move across industry groups and borders.

Personal data 64

Personal data Compliance Privacy Data Privacy 64

The Last Watchdog

SEPTEMBER 23, 2019

How can it be that marquee enterprises like Capital One, Marriott, Facebook, Yahoo, HBO, Equifax, Uber and countless others continue to lose sensitive information in massive data breaches? Related: Breakdown of Capital One breach The simple answer is that any organization that sustains a massive data breach clearly did not do quite enough to protect the data itself. Here are key takeaways: Security benefits Protect the data itself.

Encryption 138

Encryption Digital transformation Compliance Cloud 138

Data Protector

JANUARY 29, 2017

We have 480 days to go before the General Data Protection Regulation is “in force”. But it will undoubtedly lead to greater unease amongst the audit committees of many firms, particularly those in the (regulated) financial services sector, who will note, from the data protection compliance reports that have been commissioned, the difficulties that are being encountered in ensuring that sufficient evidence is available to demonstrate how the organisation complies with the GDPR.

GDPR 131

GDPR Compliance Financial Services Personal data 131

DLA Piper Privacy Matters

APRIL 20, 2021

Important new guidelines outlining how personal and other types of financial information should be handled by financial institutions throughout the data lifecycle have just come into force in China, including a new data localisation obligation. Level 1: public data.

Compliance 67

Compliance Financial Services Encryption Data collection 67

DLA Piper Privacy Matters

OCTOBER 16, 2019

Multinationals increasingly turning to BCRs as providing more legal certainty for personal data transfers from the EU. The EU General Data Protection Regulation (“GDPR”) brought about stricter data protection rules, and increased penalties for breaching these rules. For many multinationals this has led to reconsidering their framework for transferring personal data from the EU to third countries.

Personal data 40

Personal data Healthcare Marketing Financial Services 40

Rippleshot

SEPTEMBER 14, 2017

The massive Equifax data breach that’s making national headlines is estimated to impact nearly half of the U.S. While most of the news centers on the consumer identity theft impact, the real story in the financial services ecosystem is what this hack will cost banks, credit unions and issuers. From what’s been publicly reported, there’s been 209,000 credit card numbers and 182,000 documents with personal information breached.

Financial Services 46

Financial Services Data breaches Personal data Security 46

Data Matters

JUNE 24, 2021

The Order alleges that this vulnerability exposed over 800 million images dating back to 2003, including sensitive personal data, such as Social Security numbers and financial information. On July 21, 2020, the New York State Department of Financial Services (NYDFS) issued a statement of charges and notice of hearing against First American for six violations of the department’s Cybersecurity Requirements for Financial Services Companies.

Risk 64

Risk Insurance Financial Services Cybersecurity 64

DLA Piper Privacy Matters

MARCH 4, 2021

In its second full year overseeing and regulating the GDPR in Ireland, the Data Protection Commission ( DPC ) has published its 2020 Annual Report , highlighting key observations, emerging guidance, and large scale inquiries and decisions of 2020. Financial Services Sector Focus.

GDPR 86

GDPR Marketing Data breaches Financial Services 86

IT Governance

JULY 31, 2019

Department of Health Services email hacked exposing patient data (14,591). Crooks steal Bulgarians personal details and email them to local media (5 million). Pennsylvania-based software firm and healthcare provider accuse each other of data theft (unknown). TX-based Wise Health reports data breach caused by phishing attack (35,899). Hackers breach SyTech, a contractor for Russia’s national intelligence service (unknown). Data breaches.

Ransomware 87

Ransomware Data breaches Phishing Libraries 87

Security Affairs

JUNE 18, 2020

Researchers uncovered an ongoing campaign delivering the Qbot malware to steal credentials from customers of dozens of US financial institutions. Qbot , aka Qakbot , is a data stealer worm with backdoor capabilities that was first detected by Symantec back in 2009.

Phishing 107

Phishing Financial Services Personal data IT 107

InfoGoTo

DECEMBER 17, 2019

We live in an age where we have the ability to collect and utilize more data than ever. As the amount of data we’re responsible for increases, so do concerns that we’re handling it properly. Data compliance refers to statutes and regulations that provide accountabilities, processes and operational obligations for the collection, storage, format and use of data. The laws that regulate data compliance vary greatly depending on jurisdiction.

Compliance 40

Compliance Data Privacy GDPR Financial Services 40

HL Chronicle of Data Protection

JUNE 14, 2019

As the first broad-based state law on consumers’ personal data in the U.S., Please join the Hogan Lovells Privacy and Cybersecurity team and LexisNexis on June 19 for the webinar, Operationalizing the California Consumer Privacy Act – Key Decisions and Compliance Strategies. The California Consumer Privacy Act of 2018 (CCPA) has been described as groundbreaking, watershed, and unprecedented since its passage on June 28, 2018.

Compliance 40

Compliance GDPR Financial Services Sales 40

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data governance refers to the strategic and ongoing efforts by an organization to ensure that data is discoverable and its quality is good. It is also used to make data more easily understood and secure.

Government 82

Government Metadata Data breaches Insurance 82

Data Protection Report

DECEMBER 23, 2019

In 2019, we saw regulators put a renewed focus on how long businesses retain personal information. This sends a clear message that organisations can no longer ignore their obligations relating to data retention. How should businesses change their attitudes towards data retention?

Compliance 113

Compliance Privacy Personal data GDPR 113

IT Governance

NOVEMBER 9, 2018

In addition to data subjects’ rights to be informed, of access, to rectification, to erasure, to restrict processing, to data portability and to object, the EU’s GDPR (General Data Protection Regulation) sets out requirements relating to automated individual decision-making, including profiling. There are three exceptions to this restriction: If it is necessary to perform a contract between the data subject and a data controller.

GDPR 70

GDPR Personal data Financial Services Compliance 70

AIIM

JANUARY 10, 2019

One of the most notable blockchain skeptics – David Gerard –argues that if “you were silly enough to put personal data into an append-only ledger which is a proof-of-work blockchain — that’d be flat-out insane.”. The GDPR Regulation provides data subjects with enhanced rights to withdraw consent , access , correct and in some cases erase their personal information. “ While pseudonymization falls within GDPR protection as such data may be re-identified (i.e.

Blockchain 63

Blockchain GDPR Personal data Financial Services 63

The Last Watchdog

FEBRUARY 25, 2019

Related: Applying ‘zero trust’ to managed security services. Our customers all have the pain point of wanting to have single sign-on for multiple applications, requiring capabilities like self-service and self-registration,” Curcio told Last Watchdog. Yet even as IAM and IGA technologies steadily advanced, enterprises continued to struggle mightily with keeping data secure. And the massive data breaches just keep on coming.

Access 146

Access Government Authentication Insurance 146