DLA Piper Privacy Matters

DECEMBER 7, 2017

Two recent developments in the United Kingdom highlight the growing risk of privacy litigation and “group actions” which is likely to further increase following the enactment of the General Data Protection Regulation (“ GDPR “) in May 2018. ”, discussed further below.

Risk 40

Risk Privacy GDPR Data breaches 40

IT Governance

FEBRUARY 6, 2024

Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy 88

Data Privacy Privacy Insurance Security 88

Hunton Privacy

OCTOBER 25, 2022

million fine to Interserve Group Limited for failing to keep employee personal data secure, which violates Article 5(1)(f) and Article 32 of the EU General Data Protection Regulation (“GDPR”), during the period of March 2019 to December 2020. On October 24, 2022, the UK Information Commissioner’s Office (“ICO”) issued a £4.4

Security 97

Security Personal data GDPR Insurance 97

IT Governance

MAY 7, 2024

At least 191 Australian organisations affected by ZircoDATA ransomware attack The ransomware group BlackBasta listed Australia-based ZircoDATA as a victim in February, allegedly exfiltrating 395 GB of data. Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com Data breached: 1,201,000 people’s data.

Data breaches 59

Data breaches Education Manufacturing Retail 59

Security Affairs

FEBRUARY 8, 2024

Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 Regulatory Compliance Challenges: Compliance with data protection regulations, such as GDPR and CPRA , remains a challenge for organizations, with non-compliance penalties averaging $5.5 million, up 15% in three years. The US topped the list at $5.09

Security 115

Security Phishing IoT Ransomware 115

IT Governance

DECEMBER 5, 2023

This was confirmed about a fortnight later, in early November, when the ALPHV/BlackCat ransomware group took responsibility for the attack , claiming to have encrypted Henry Schein’s files and exfiltrated 35 TB of data. Data breached: over 300 million records. The company’s description of the incident suggested ransomware.

Data Privacy 106

Data Privacy Privacy Manufacturing Retail 106

DLA Piper Privacy Matters

NOVEMBER 6, 2018

From a brief search online it is easy to find various different claimant law firms advertising off the back of large public data breaches the possibility to bring a group claim for compensation. The solution is to insure against ruinous group claims…. These make for a potentially toxic mix. Morrisons #2 Court of Appeal.

Insurance 45

Insurance Data breaches Personal data GDPR 45

CGI

AUGUST 31, 2016

Insurers’ role will be critical in improving cybersecurity standards. Cyber insurance can be obtained to cover such costs as crisis management, media management, incident management, technical remediation, legal fees, call management, data subject notification, breach investigation and many other losses resulting from a cyber-attack.

Insurance 40

Insurance Cybersecurity Risk Marketing 40

IT Governance

JANUARY 23, 2024

More than 10 million lines of Pastelería Mozart customer data apparently posted on dark web The Ynnian hacking group has posted 10,870,525 lines of data on the dark web, apparently originating from Pastelería Mozart, a popular bakery chain in Chile. VF Corporation confirms 35.5 million customers’ data. Data breached: 35,500,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

FEBRUARY 15, 2022

Cyber insurance will become more popular and more comprehensive. It’s led to a growing trend for organisations to purchase cyber insurance, which Forbes contributor Emil Sayegh believes will continue in 2022. This market squeeze will certainly affect the cyber insurance industry itself. “We

Security 142

Security Insurance Authentication Passwords 142

IT Governance

JANUARY 16, 2024

Source 1 ; source 2 (Update) Professional services USA Yes 56,457 Highlands Oncology Group Source 1 ; source 2 ; source 3 (Update) Healthcare USA Yes 55,297 Charm Sciences, Inc. Drug Mart Source 1 ; source 2 (Update) Healthcare USA Yes 36,749 Elliott Group Source (New) Manufacturing USA Yes 31.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. The group has allegedly exfiltrated more than 10 million files. Data breached: 41,500,000 records.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

DLA Piper Privacy Matters

FEBRUARY 7, 2019

Given the potential financial exposure under GDPR, it is no surprise that a great deal of time is being spent working out how to allocate the risk and liability when negotiating commercial contracts. Before we look at limiting liability, we need to first consider how liability can arise in the first place in the context of GDPR.

GDPR 49

GDPR Risk Data breaches Personal data 49

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. law, consumers and the marketplace have been comfortable with to date.

GDPR 79

GDPR Privacy Sales Data breaches 79

DLA Piper Privacy Matters

OCTOBER 25, 2022

On 24 October 2022, the ICO issued a penalty notice (MPN) to Interserve Group Limited (Interserve), imposing a fine of £4.4m for violations of the GDPR (the violations were pre-Brexit). A phishing email was sent to a group employee which was designed to appear as though the attached document needed urgent action. The Incident.

Security 52

Security GDPR Personal data Insurance 52

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR 40

GDPR Personal data Compliance Data breaches 40

IT Governance

JANUARY 30, 2024

Source (New) Retail USA Yes 2,588,849 Keenan & Associates Source 1 ; source 2 (Update) Insurance USA Yes 1,509,616 AGC Group Source (New) Manufacturing Japan Yes 1.5 TB Four Hands Source (New) Manufacturing USA Yes 1.5 TB UK forex customers Source (New) Finance UK Yes 1,001,214 A.N.S. Source (New) Non-profit USA Yes 25,908.62

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. law, consumers and the marketplace have been comfortable with to date.

GDPR 60

GDPR Privacy Sales Data breaches 60

eDiscovery Daily

DECEMBER 3, 2017

Now, Tom has written a terrific informational overview on Europe’s General Data Protection Regulation (GDPR) titled eDiscovery and the GDPR: Ready or Not, Here it Comes. Part One: What is the GDPR? Europe’s General Data Protection Regulation (GDPR) is set to take effect in less than 200 days. Here’s the first part.

GDPR 44

GDPR IT Personal data Privacy 44

ARMA International

APRIL 18, 2022

These records are typically organized by grouping them by function or department and then described as either an individual record or grouped together into a record category. Countries and organizations within the European Union (EU), must comply with the requirements of the General Data Protection Regulation (GDPR) 1.

Personal data 100

Personal data GDPR Privacy Records Management 100

eDiscovery Daily

AUGUST 4, 2023

State and local groups generate and store vast amounts of data across numerous departments, committees, and systems. By Catherine Ostheimer Being responsive to the growing number of Access Requests and DSARS as a local government organization can be daunting. First, there’s the data management challenge.

Government 58

Government Access Insurance GDPR 58

Reltio

JUNE 12, 2020

1-2 Previous Roles & Companies: Worked as a consultant with general insurers, Lloyd’s market firms, brokers and reinsurers, including Beazley Group and RSA. Summary: Charles specializes in data governance, data quality and data strategy for the insurance industry. What attracted you to the insurance industry?

Insurance 52

Insurance Customer Experience B2B MDM 52

Thales Cloud Protection & Licensing

OCTOBER 10, 2018

Driven by the introduction of the General Data Protection Regulation (GDPR) and heightened by constantly evolving demands, consumers are changing their purchasing habits. GDPR: to help or hinder? Think TV licenses and car insurance, for example. However, the narrative is set to change. A personal interest.

GDPR 76

GDPR Security Marketing Data breaches 76

IT Governance

JULY 5, 2018

The Australian law firm Slater and Gordon’s ill-fated £637 million acquisition of the professional services division of the British insurance outsourcer Quindell plc in 2015 has attracted a great deal of negative attention over the past few years. Worse fines if the GDPR had been in effect. Help complying with the GDPR.

GDPR 53

GDPR Compliance Personal data Data breaches 53

IT Governance

MAY 2, 2019

More medium-sized (31% vs 19%) and large businesses (35% vs 24%) have invested in cyber insurance. These improvements have coincided with the introduction of the GDPR (General Data Protection Regulation) , indicating that its compliance requirements are working. The effects of the GDPR.

Data breaches 69

Data breaches GDPR IT Compliance 69

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Most incidents reported originate from the private sector ( 3,667 ), with 2,707 incidents reported from public sector organisations in Ireland such as public sector bodies, banks, insurance and telecom companies. The DPC has noted that the main cause of such incidents is poor operational practices and human error. million in 2022.

Financial Services 97

Financial Services Data breaches Personal data Compliance 97

IT Governance

APRIL 22, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight Criminal hackers threaten to leak World-Check screening database A criminal group known as GhostR claims to have stolen 5.3 million records from World-Check, a screening database used to screen potential customers for links to illegal activity and government sanctions.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

MAY 29, 2018

Remember when I said last month that “with the GDPR less than a month away I imagine future lists will be even longer thanks to the introduction of mandatory data breach notifications”? Well, May’s list of incidents is very long, and the GDPR only came into effect at the end of the month. I’m not, though. I’m entirely guileless.

Data breaches 89

Data breaches GDPR Ransomware Passwords 89

DLA Piper Privacy Matters

DECEMBER 14, 2018

Just a few months after the Dutch DPA inspected more than 100 hospitals and health insurers on whether they comply with the obligation to appoint (and publish the details of) a Data Protection Officer, this week it announced more news and monitoring action with respect to the health sector. The GDPR (Article 24 par.

GDPR 40

GDPR Personal data Insurance Privacy 40

John Battelle's Searchblog

MAY 31, 2023

My point is simply this: When a group of industry folks drop what looks like an opportunistic A-bomb on the willing press, it kind of makes sense to think through the why of it all. Cough cough privacy and GDPR , cough cough). Let’s review a few facts.

Risk 122

Risk Insurance GDPR Government 122

The Guardian Data Protection

NOVEMBER 6, 2018

Until GDPR came in, with larger sanctions, larger fines, and the ability to reach outside the UK and preserve data, “we couldn’t be as effective a regulator as we can be now”, Denham says. Most of the work is still done by journalists and civil society groups. and Eldon Insurance,” Labour’s Jo Stevens asks. and Eldon Insurance.

Insurance 72

Insurance Personal data Privacy GDPR 72

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. VAMOSI: Cybersecurity insurance. cyber insurance as a whole was changing heavily. And why is that?

Insurance 40

Insurance Privacy Ransomware GDPR 40

eSecurity Planet

MARCH 18, 2022

For example, Microsoft developed a Group Policy Management Console to manage implemented policies applied to different user groups in a Windows environment. Also read: How to Comply with GDPR, PIPL and CCPA. Still, an approved IT policy provides some insurance against the IT team becoming the scapegoat. Compliance.

IT 120

IT Compliance Security Access 120

DLA Piper Privacy Matters

APRIL 10, 2019

The EU’s High Level Expert Group on Artificial Intelligence (“ AI HLEG “) has published its much anticipated guidelines on the ethical use of AI, with the title ‘ Ethics Guidelines for Trustworthy AI ‘ (“ Guidelines “). Key Principles and Requirements. Accountability.

Artificial Intelligence 45

Artificial Intelligence GDPR Privacy Insurance 45

Data Matters

SEPTEMBER 24, 2019

Many of the new or modernized laws tend to be based on comprehensive legislation, rather than sectoral rules, as data needs to move across industry groups and borders. Like the GDPR, the BDPA aims to reach information that could be used to identify a person, even if the information on its face does not do so. Healthcare Organizations.

Personal data 68

Personal data GDPR Data Privacy Privacy 68

Reltio

OCTOBER 4, 2018

Our customers – which include eight of the 10 largest life science companies, two of the top 10 cosmetics companies in the world, a global hotel and hospitality group, a U.S.-based based healthcare insurer, one of the largest U.S.-based

MDM 69

MDM Cloud Analytics GDPR 69

Data Protector

OCTOBER 11, 2017

Even without that, it has 300 paragraphs and 18 schedules, one of which helpfully signposts the way that the Government intend to make changes to the Bill so that the GDPR becomes domestic law when we leave the EU, even though the amendments to make that happen will actually be made by secondary legislation.

GDPR 120

GDPR Personal data Government IT 120