DLA Piper Privacy Matters

AUGUST 8, 2023

Authors: Carolyn Bigg, Amanda Ge and Venus Cheung On July 24, 2023, the People’s Bank of China (“ PBOC ”) released the Measures for the Management of Data Security in the Business Areas Falling into PBOC’s Jurisdiction (Draft for Comment) (“ Draft Measures” ) for public consultation, which closes on August 24, 2023.

Financial Services 98

Financial Services Personal data Compliance Data collection 98

Data Breach Today

AUGUST 26, 2021

Survey: Cybersecurity, Regulatory Concerns May Slow Digital Asset Adoption Although a majority of financial services executives predict that cryptocurrency will replace or rival fiat currency within the next five to 10 years, they say cybersecurity, regulatory and privacy issues are among the biggest obstacles to its adoption, according to a survey (..)

Financial Services 205

Financial Services Cybersecurity Security Privacy 205

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Some patients also had their Social Security numbers exposed.”

Data Privacy 85

Data Privacy Privacy Security Data breaches 85

Hunton Privacy

FEBRUARY 22, 2021

Lastly, the Alert provides recommendations to secure data, noting that (1) regulated entities should review whether it is necessary to display any NPI (even redacted NPI) and (2) NPI should not be displayed on public-facing sites unless there is a compelling reason to do so.

Financial Services 86

Financial Services Insurance Cybersecurity Analytics 86

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Covered Entities must have a monitoring process that ensures prompt notification of any new security vulnerabilities. Cybersecurity Governance.

Financial Services 55

Financial Services Cybersecurity Ransomware Compliance 55

Thales Cloud Protection & Licensing

JANUARY 11, 2023

The Most Popular Data Security Webinars of 2022: Sovereignty, Cloud Security and Compliance Top the List. Throughout 2022, Thales hosted more than 40 webinars on a wide variety of cybersecurity topics, including, cloud security, data sovereignty, compliance, data threat trends, and rethinking approaches to role-based authentication.

Compliance 83

Compliance Cloud Security Financial Services 83

Data Matters

FEBRUARY 10, 2021

On February 4, 2021, the New York Department of Financial Services (NYDFS) issued Circular Letter No. The post New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance appeared first on Data Matters Privacy Blog. 1 See W.B.

Insurance 79

Insurance Financial Services Cybersecurity Risk 79

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

IBM Big Data Hub

MARCH 20, 2024

For highly regulated industries, these challenges take on an entirely new level of expectation as they navigate evolving regulatory landscape and manage requirements for privacy, resiliency, cybersecurity, data sovereignty and more. This means actively minimizing downtime and closing gaps in the supply chain to remain competitive.

Cloud 77

Cloud Financial Services Risk Business Services 77

Schneier on Security

JANUARY 31, 2024

Beyond these economic effects, the rules have important data security benefits. The CFPB’s rules align with a key security idea: the decoupling principle. When you get a car loan or a house mortgage, that information, along with your Social Security number and other sensitive data, is also shared with unknown third parties.

Financial Services 93

Financial Services Privacy Personal data Marketing 93

Data Matters

MAY 4, 2022

Sidley announced today that David Lashway and John Woods have joined as partners in the firm’s Privacy and Cybersecurity practice in Washington, D.C. Adding significant bench strength to our Chambers-ranked Privacy and Cybersecurity practice is a win for Sidley and our clients,” said Yvette Ostolaza, Sidley’s Management Committee Chair.

Cybersecurity 167

Cybersecurity Marketing Security Privacy 167

The Last Watchdog

FEBRUARY 15, 2024

Paul Greene , CIPP/US, CIPP/E, CIPM, FIP, Harter Secrest & Emery’s Privacy and Data Security practice group helps clients respond to data security incidents of all kinds. NetDiligence-authorized Breach Coach ® firms are selected based on their experience, competency, thought leadership, and industry engagement.

Data breaches 100

Data breaches Financial Services Big data Retail 100

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Source New Telecoms USA Yes 6,158 Nabholz Construction Company Employee Welfare Health Plan Source 1 ; source 2 New Healthcare USA Yes 5,326 Dawson James Securities, Inc. North Hill Home Health Care, Inc.,

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

The Last Watchdog

MARCH 31, 2020

Related: A firewall for microservices DevSecOps arose to insert security checks and balances into DevOps, aiming to do so without unduly degrading speed and agility. If you’re thinking that speed and security are like oil and water, you’re right. For a full drill down on our discussion, please give the accompanying podcast a listen.

Security 164

Security Privacy Financial Services Risk 164

Hunton Privacy

APRIL 22, 2020

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

Financial Services 71

Financial Services Cybersecurity Phishing Risk 71

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018.

Financial Services 58

Financial Services Cybersecurity Compliance Insurance 58

IBM Big Data Hub

JUNE 12, 2023

We see public cloud as an enabler of a better future for financial services, not as a destination. Understand the immediate power and sustained value of great architecture with embedded security controls and continuous monitoring. The future for financial services is bright.

Cloud 90

Cloud Financial Services Digital transformation Risk 90

Data Matters

MARCH 28, 2022

OCR concludes most cyber-attacks could be prevented or substantially mitigated if HIPAA covered entities and business associates implemented HIPAA Security Rule requirements to address the most common types of attacks. implement a security awareness and training program for all workforce members pursuant to the HIPAA Security Rule.

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

Hunton Privacy

JUNE 9, 2022

515 , making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). Information Security Program Requirements. Instead, licensees are bound by the notification requirements of the Vermont Security Breach Notice Act, 9 V.S.A.

Insurance 107

Insurance Security Information Security Cybersecurity 107

Micro Focus

JANUARY 28, 2021

When it comes to data privacy, who do consumers trust? A recent data privacy survey by McKinsey & Company asked 1,000 consumers to rank the most trusted industries in protecting privacy and data. View Article.

Data Privacy 53

Data Privacy Privacy Financial Services Government 53

IBM Big Data Hub

JANUARY 10, 2024

Hybrid cloud has become the dominant approach for enterprise cloud strategies , but it comes with complexity and concerns over integration, security and skills. Hybrid cloud is also forcing a significant rethinking of how to secure and protect data and assets.

Security 74

Security Cloud Data Privacy Financial Services 74

IBM Big Data Hub

FEBRUARY 22, 2024

We strongly believe the influx of data associated with AI will fuel tremendous business innovations, but requires strategic considerations, including around where data resides, data privacy, resilience, operational controls, regulatory requirements and compliance, and certifications.

Cloud 77

Cloud Computer and Electronics Compliance Financial Services 77

IBM Big Data Hub

DECEMBER 14, 2023

As enterprises scale infrastructure and systems to manage sensitive data and complex workloads, they must rely more on an ecosystem of partners to help them enhance their security and compliance without impacting performance and resiliency. It also offers the industry’s only Keep Your Own Key (KYOK) for data encryption at rest.

Cloud 87

Cloud Security Data breaches Cybersecurity 87

The Last Watchdog

JULY 11, 2023

Related: Preserving the privacy of the elderly As more traders and investors engage in these investment avenues, it is crucial to adopt robust security measures to safeguard sensitive and regulated information. Continuous threat detection is a proactive approach to maintaining trading environment security.

IT 161

IT Encryption Risk Financial Services 161

The Last Watchdog

AUGUST 3, 2023

This marks a monumental leap forward in secure financial and healthcare data analytics, enabling encrypted data to be safely analyzed and visualized for the first time, all while maintaining absolute data privacy and security. San Francisco and Cork, Ireland, Aug.

Encryption 100

Encryption Analytics Data Privacy Cybersecurity 100

Data Protection Report

JUNE 14, 2022

As privacy incidents and security breaches involving personal information become increasingly frequent, organizations are more and more aware of the importance of implementing a robust privacy program to mitigate the risks and impacts of such incidents. Legal Obligations. Procedural Considerations.

Privacy 52

Privacy Data breaches Compliance Financial Services 52

Krebs on Security

MAY 3, 2019

A Pennsylvania credit union is suing financial industry technology giant Fiserv , alleging that “baffling” security vulnerabilities in the company’s software are “wreaking havoc” on its customers. Most alarmingly, this security control was purely illusory.

Security 177

Security Passwords Financial Services Sales 177

The Last Watchdog

SEPTEMBER 21, 2018

It’s rise in popularity has helped drive a new trend for start-ups to go “Cloud Native,” erecting their entire infrastructure, from the ground up, leveraging cloud services like Amazon Web Services, Microsoft Azure and Google Cloud. Security burden. Rising API exposures are another big security concern, by the way.

Cloud 152

Cloud Security Mining Financial Services 152

Data Protector

JANUARY 29, 2017

Does it really mean that in 481 days, European privacy regulators will be heralding the first megafine for non-compliance with one of the GDPR’s more obscure requirements? And also, what standard of evidence is necessary to be generated, just in case privacy regulators exercise their Article 30(4) right to request it. I think not.

GDPR 136

GDPR Privacy Compliance Personal data 136

Security Affairs

DECEMBER 26, 2023

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 100 and government agencies worldwide, has compiled a comprehensive forecast outlining the imminent threats and novel security challenges anticipated in the upcoming year. Recent U.S.

Energy and Utilities 111

Energy and Utilities Artificial Intelligence Ransomware Data breaches 111

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 84

Privacy GDPR Data breaches Risk 84

IBM Big Data Hub

DECEMBER 18, 2023

For organizations of all types—and especially those in highly regulated industries such as financial services, government, healthcare and telco—considerations including the rise of generative AI, evolving regulations and data sovereignty laws and ongoing security challenges must be top of mind.

Cloud 66

Cloud Financial Services Compliance Digital transformation 66

IBM Big Data Hub

AUGUST 1, 2023

We are bringing the power of foundation models with the availability of a GPU as a service on IBM Cloud offering to help organizations tap into artificial intelligence (AI) in a secured environment while aiming to mitigate third- and fourth-party risk.

Financial Services 64

Financial Services Computer and Electronics Cloud Digital transformation 64

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. The service determines whether an application is malicious or suspicious and, if so, will block it from making changes to any files in a protected folder. The post U.S.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Data Protection Report

AUGUST 2, 2022

In our previous publication , we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries.

Compliance 137

Compliance Privacy Risk Financial Services 137

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). This follows the invalidation of the EU-US Privacy Shield, by the Court of Justice of the European Union on 16 July 2020.

Data Privacy 83

Data Privacy Personal data Privacy Cloud 83

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111