Data Privacy Laws in Financial Services: NYDFS 500

Perficient Data & Analytics

In my previous post, I discussed what data privacy is and why it’s important? In my post today I want to discuss data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. Service providers.

GDPR: Data Privacy Laws in Financial Services

Perficient Data & Analytics

My previous blog post addresses the reasons for the regulation and the requirements associated with the New York State Department of Financial Services (NYDFS) 23 NYCRR 500. Data protection must be designed into the development of business processes for products and services.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Components of a Data Governance Strategy in Financial Services

Perficient Data & Analytics

Previously, I analyzed the types of data in a governance program for financial services companies. Data Security & Privacy. Requesting access to data should be automated through workflows to facilitate and speed the servicing of requests as to not hinder productivity.

[Guide] Data Privacy Laws in Financial Services: NYDFS 500 & GDPR

Perficient Data & Analytics

What is Data Privacy and Why is it Important? Data privacy, or data protection, is the relationship between the collection and dissemination of data, technology, the public perception and expectation of privacy, and the political and legal issues surrounding it all. Privacy concerns exist wherever personally identifiable information or other sensitive information is collected, stored, used, destroyed or deleted – in digital, physical, or other forms.

Summary – “Industry in One: Financial Services”

ARMA International

The scope of a records and information management (RIM) program in financial services can seem overwhelming. History of Financial System. Shaped by several financial catastrophes of modern history, such as the Great Depression of 1929 and the Great Recession of 2007, the U.S.

NYDFS 500 and GDPR in Financial Services – Actions to Take Now

Perficient Data & Analytics

In my final post of this series, I want to outline the actions you can take to remain proactive with data privacy laws surrounding NYDFS 500 and GDPR. Implement: Technical services are required to create/ update cybersecurity policies and procedures.

NY Department of Financial Services Issues Guidance to Regulated Entities Regarding Cybersecurity During the COVID-19 Pandemic

Hunton Privacy

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

New York State Department of Financial Services Challenges OCC Authority on Fintech Charters

Data Matters

Office of the Comptroller of the Currency (OCC) announced its decision (the Fintech Charter Decision) to begin accepting applications from financial technology (fintech) companies for special purpose national bank charters. The Fintech Charter Decision is discussed in greater detail in a prior Sidley Banking and Financial Services Update. placing New York financial consumers at great risk of exploitation by federally chartered entities improperly insulated from New York law.

New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting

Data Matters

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. The post New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting appeared first on Data Matters Privacy Blog.

NY Department of Financial Services Issues Reminder for Cybersecurity Filing Deadline

Hunton Privacy

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018. As DFS continues to implement its landmark cybersecurity regulation, we will take proactive steps to protect our financial services industry from cyber criminals.”.

NYDFS 500: Why the Regulation?

Perficient Data & Analytics

Previously, I discussed data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. Now, I want to address the reasons for the regulation and the requirements.

Leveraging Blockchain Integration to Meet Information Governance Challenges


Blockchain integration is one of the hottest technology topics in the business world today, with financial services and healthcare sectors leading the way in exploring how to integrate blockchain into their organizations. A Financial Services Roadblock.

ARMA and AIEF Issue Special Edition Publication: Blockchain, AI, Accounting Records, and other IG topics covered

IG Guru

AIEF Archives ARMA Audit Blockchain Business Compliance IG News Information Governance information privacy information security Privacy Record Retention Records Management Risk News Sponsored Accounting Records AI Documentation Financial Services Retention

COVID-19 Interest Rates Present Mortgage Industry Challenges


For mortgage lending and other financial services work, security issues can be particularly challenging. Privacy of files. Financial Services COVID-19 interest rates low interest rates remote work

Striking a balance between security and usability of sensitive data

OpenText Information Management

Last year, the number of personal records exposed by cyber attacks on the financial services industry was an incredible 446,575,334 – more than triple from the year before. The financial and reputational damage from these data breaches can be immense.

Privacy Requirements & Penalties Grow, Causing Firms to Struggle

Dark Reading

Between Europe's and California's privacy laws, companies have a complex landscape to navigate in 2020. Even data-mature industries, such as financial services, see problems ahead

Keeping Up with New Data Protection Regulations


Some suggest the California Consumer Privacy Act (CCPA), which takes effect January 1, 2020, sets a precedent other states will follow by empowering consumers to set limits on how companies can use their personal information.

Getting Started with California Consumer Privacy Act Compliance

Perficient Data & Analytics

Data recipients: Compile a list of entities, such as administrators, custodians, transfer agents, investment managers, and other service providers. After the initial assessment is complete, financial institutions will be in a position to: Confirm what personal data they hold and for what purpose. Compliance with the CCPA requires robust processes for identifying, governing, distributing, and securing consumer personal information.

Perficient Helps Adjust to the California Consumer Privacy Act

Perficient Data & Analytics

The first step any financial institution must take in its response to the new CCPA law is to evaluate its exposure and current state of readiness. Implementation: Technical services to consolidate customer data, develop governance and approval workflows, and make infrastructure upgrades. Our risk and compliance practice has a proven track record of helping financial firms understand and react to regulatory mandates. Perficient + Financial Services.

Establishing a California Consumer Privacy Act Compliance Program

Perficient Data & Analytics

We recently published a guide examining the California Consumer Privacy Act of 2018, and the steps any financial institution must take in its response to the new law to evaluate its exposure and current state of readiness. Data & Analytics Financial Services Integration & IT Modernization Operations Regulatory Compliance California California Consumer Privacy Act California privacy consumer privacy act

Expect Challenges with the California Consumer Privacy Act

Perficient Data & Analytics

Compliance with the CCPA will be challenging because it represents major changes in how financial institutions conduct their business. Financial institutions are liable for penalties up to $750 per consumer, per incident of noncompliance. We recently published a guide examining the California Consumer Privacy Act of 2018, and the steps any financial institution must take in its response to the new law to evaluate its exposure and current state of readiness.

Guide: Complying with the California Consumer Privacy Act of 2018

Perficient Data & Analytics

The state of California has passed a digital privacy law that requires businesses to make disclosures about their collection, use, and dissemination of consumer personal information. The California Consumer Privacy Act (CCPA) will have far-reaching effects on how financial institutions manage their customer data. Receive equal service and price even if they exercise their privacy rights. As such, all medium-to-large financial institutions are within its scope.

Sales 40

Obama Proposes New Financial Services Consumer Protection Agency

Hunton Privacy

The Obama Administration today formally announced its sweeping proposal for new regulation of the financial industry. The proposal raises a number of privacy and data security questions, such as the role of the new financial services consumer protection agency in protecting privacy and data security and the continued role of the Federal Trade Commission as the lead agency in this area.

Improve your data relationships with third parties


Regulators are focusing on the data relationships financial services organizations have with third parties, including how well personal information is being managed. Others are realizing that they need to outsource critical services to specialist service providers. .

Banks won’t be able to remain on sidelines of privacy debate

Information Management Resources

Equifax's massive breach and Facebook's scandals have made data privacy a big issue for state and federal lawmakers. Data privacy Cyber security Data breaches Finance, investment and tax-related legislation Compliance House Financial Services Committee Senate Banking Committee Equifax CaliforniaHere's why banks need to be worried.

Business Process Modeling Use Cases and Definition


s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are requiring businesses across industries to think about their compliance efforts. What is business process modeling (BPM)? A visual representation of what your business does and how it does it.

Grove Pension Solutions fined £40,000 for PECR violation

IT Governance

T he pensions firm ’s campaign, which took place between October 2016 and October 2017, violated the PECR (Privacy and Electronic Communications Regulation s ). . EU GDPR Financial Services Data management PECR

President Trump Signs Financial Services Regulatory Reform Legislation

Data Matters

The Act makes many significant modifications to the postcrisis financial regulatory framework, although it leaves the core of that framework intact. One major consequence of the Act may be an increased potential for mergers, acquisitions and organic growth among regional and midsize banks, as well as community banks, because of provisions that increase the thresholds that must be met before various financial regulatory requirements apply. Initiating Online Banking Services.

Is Your Customer Experience Future-Ready?


How do you ensure security and privacy while personalizing the customer experience? It is an ongoing activity, constantly responding to the changes in market and customer expectations, new products and services, and technology evolution. Ankur Gupta, Sr.

Establishing Authoritative Sources in Data Governance

Perficient Data & Analytics

Before a financial institution can agree on authorized sources of data, there must first be a common understanding of the type of data being sourced.

Using Information Governance to Manage the Commingling of Minors’ Claim Files


Privacy laws and regulations are changing at a rapid pace in the United States. With the onset of all these privacy regulations, now more than ever organizations are required to take action to only maintain files that are required for retention and legitimate business purposes. With the level of granularity required to address the privacy implications, and given all the potential obstacles, it’s important to have a plan in place.

Reltio Supports Apple CEO Tim Cook’s Clarion Call for Stronger US Customer Data Privacy Laws


privacy law , similar to GDPR (General Data Protection Regulation), is appropriate and timely. But today modern data management solutions that include technologies like machine learning empower organizations to implement data governance and privacy initiatives at scale, and are an essential part of their overall Customer 360 data strategy. privacy law as a regulatory burden rather than an opportunity have not yet internalized what it means to be a customer-driven company.

Global: Data Privacy Snapshot 2018

DLA Piper Privacy Matters

With this background, we are pleased to launch the DLA Piper Global Data Privacy Snapshot for 2018. This whitepaper examines the responses of the over 200 organisations who completed our Data Privacy Scorebox survey during the calendar year 2017.

The Third Modern Data Management Summit: Making Data Work!


Speakers represented life sciences, healthcare, manufacturing, retail, consumer goods, financial services, consulting services, and hi-tech. Manish Sood , CEO, Reltio – State of Master Data Management – Privacy, Trust, Experience. Ankur Gupta, Sr.

#ModernDataMasters: Bob More, SVP Global Field Operations


Being in control of your own destiny was key – certainly there’s a financial element of it – but I thought that it was a great opportunity to learn a lot and move around an organisation. Data privacy is coming up more and more beyond just GDPR. Kate Tickner, Reltio.

MDM 52

Data Compliance in a World of Data Privacy Concerns


In the European Union, the General Data Protection Regulation (GDPR) prevails for data transfer, with certain safeguards in place like the EU-US Privacy Shield, which protects the rights of anyone in the European Union whose personal data is transferred to the United States for commercial purposes. [3] Data compliance concerns may be more nuanced based on the specific industry, such as the financial services sector.

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

He also raised serious doubts over the validity of the Privacy Shield. Organisations subject to the California Consumer Privacy Protection Act (CCPA) should monitor guidance released by the Attorney General about obligations in relation to third party behavioural advertising cookies.


Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. The authority claimed a violation of data minimisation and privacy by design principles under the EU General Data Protection Regulation (GDPR). .

EU-U.S. Privacy Shield Passes Its Third Annual Review

HL Chronicle of Data Protection

Privacy Shield. continues to provide an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S. Privacy Shield took place on 12 and 13 September 2019. International/EU Privacy annual review EU EU-U.S.

These 3 GDPR Requirements You Must Support Today are Nothing Compared With What’s Coming


Personal data includes a wide range of personal identifiers, from addresses and public information, to social profiles, images, IP information, device IDs and medical and financial details. Imagine the branding and goodwill you’ll get with your customers when they realize that you are taking measures above and beyond (exceeding that of Facebook) to respect their privacy and data. Ramon Chen, Chief Product Officer, Reltio.