GDPR, Insurance, Personal data and Security - Information Management Today

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated. data subjects, using the GDPR terminology) located within India.

Personal data

Personal data GDPR Data breaches Compliance

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Data Protection Report

MARCH 21, 2023

The French Information and Digital Security Experts Club ( CESIN ) has estimated that 54% of French companies were subject to cyberattacks in 2021, [1] while France Assureurs has put cyberattack risks on top of all other risks for the sixth year in a row. [2] 12-10-1 into the French Insurance code. However, in the end, Article L.12-10-1

Insurance

Insurance Data breaches Personal data GDPR

How Much Cyber Liability Insurance Do You Need?

IT Governance

AUGUST 23, 2022

Cyber liability insurance helps organisations cover the financial costs of a data breach. Without insurance, organisations spend £3.6 million on average recovering from security incidents. By purchasing cyber liability insurance, organisations gain the resources they need at a fraction of the cost.

Insurance

Insurance Data breaches e-Delivery Risk

CIAM in insurance: A unified, secure user experience with a single login

Thales Cloud Protection & Licensing

MAY 26, 2023

CIAM in insurance: A unified, secure user experience with a single login madhav Fri, 05/26/2023 - 07:33 In recent years, the insurance industry has transformed from a singularly focused entity to a multi-brand or multi-service type of business. Adding value to the user experience (a top priority for 59% of insurers) 2.

Insurance

Insurance Digital transformation Security Authentication

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

EUROPE: Are GDPR fines insurable in the countries where you operate?

DLA Piper Privacy Matters

MAY 17, 2018

DLA Piper and Aon have launched a guide ‘ The price of data security ‘, ahead of the General Data Protection Regulation (GDPR), effective from 25 May 2018. It also looks at insurability of costs associated with GDPR non-compliance (e.g. Criminal penalties are almost never insurable.

Insurance

Insurance GDPR Data breaches Personal data

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

Hunton Privacy

OCTOBER 25, 2022

million fine to Interserve Group Limited for failing to keep employee personal data secure, which violates Article 5(1)(f) and Article 32 of the EU General Data Protection Regulation (“GDPR”), during the period of March 2019 to December 2020.

Security

Security Personal data GDPR Insurance

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

I had the chance at RSA 2019 to visit with George Wrenn, founder and CEO of CyberSaint Security , a cybersecurity software firm that plays directly in this space. The CSF’s core principles have been incorporated into Europe’s GDPR , NYDFS’s cybersecurity requirement s, California’s Consumer Privacy Act and Ohio’s Data Protection Act.

Cybersecurity

Cybersecurity Insurance Security Privacy

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

OCTOBER 29, 2018

The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. The FTC considers that ‘reasonable security’ doesn’t mean ‘perfect security.’ Equifax was not special in this regard. Reduced penalties.

Security

Security Data Privacy Privacy Data breaches

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR

GDPR Personal data Data collection Marketing

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy.

GDPR

GDPR Compliance Privacy Data Privacy

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. As you would expect, larger organisations were more likely to be aware of the GDPR. Preparing for the GDPR. The survey split respondents into businesses and charities.

GDPR

GDPR Compliance Insurance Personal data

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

Privacy and Cybersecurity Law

SEPTEMBER 15, 2021

It is no coincidence, therefore, that the European Commission’s “ Proposal for a Regulation laying down harmonized rules on Artificial Intelligence ”, published on April 21, 2021 (the Proposal), has several points of contact with the GDPR. This is a fundamental goal of both the proposal and the GDPR. …and more.

Artificial Intelligence

Artificial Intelligence Personal data GDPR Compliance

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. Some began to lose faith. It’s Y2K all over again”; a big fuss over nothing. The basics. Who needs to pay attention?

GDPR

GDPR Compliance Personal data Data breaches

Data protection strategy: Key components and best practices

IBM Big Data Hub

MAY 28, 2024

Its principles are the same as those of data protection—to protect data and support data availability. Data availability —ensuring critical data is available for business operations even during a data breach, malware or ransomware attack.

Data breaches

Data breaches GDPR Compliance Encryption

Mastering healthcare data governance with data lineage

IBM Big Data Hub

MAY 9, 2024

The healthcare industry faces arguably the highest stakes when it comes to data governance. For starters, healthcare organizations constantly encounter vast (and ever-increasing) amounts of highly regulated personal data. healthcare, managing the accuracy, quality and integrity of data is the focus of data governance.

Government

Government GDPR Compliance Analytics

How to Manage Your Cyber Risks

IT Governance

OCTOBER 11, 2022

One of the most common mistakes that organisations make when addressing cyber security is that they consider it a one-off event. This process should be embedded within your overall cyber security measures in what experts refer to as cyber defence in depth. What is threat management?

Risk

Risk GDPR Information Security Personal data

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). Are your staff aware of the GDPR? Don’t let your staff be your downfall.

GDPR

GDPR Government Education Compliance

Patch your vulnerabilities now or risk punishment under the GDPR

IT Governance

JANUARY 19, 2018

In the wake of the Meltdown and Spectre flaws revealed on 3 January 2018, the Information Commissioner’s Office (ICO) has warned that existing vulnerabilities could lead to punishment when the EU General Data Protection Regulation (GDPR) is enforced. Secure configuration. These controls are: Patch management.

GDPR

GDPR Risk Insurance Government

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

million customers’ data having gained access via a vulnerability in Hathaway’s Laravel web application framework. The compromised data allegedly includes names, email addresses and phone numbers. Data breached: 41,500,000 records. Data breached: 4,452,782 records. They accessed 41.5 HealthEC LLC breached, almost 4.5

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

ICO issue fine of £4.4 to Interserve for security failings

DLA Piper Privacy Matters

OCTOBER 25, 2022

for violations of the GDPR (the violations were pre-Brexit). The ICO found that Interserve had failed to put appropriate technical and organisational measures in place to secure personal data (in contravention of Articles 5(1)(f) and 32 GDPR) for a period of ~20 months. The Incident.

Security

Security GDPR Personal data Insurance

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. In recent years, costly breaches and evolving data security concerns have bubbled up to a board level agenda item.

Data Privacy

Data Privacy Privacy Security Encryption

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

The new Act codifies the relevant legislation and broadens the possibilities to, under certain conditions, utilize and combine for secondary purposes personal data collected in relation to public or private social and health care operations. The decisions on licenses are subject to an appeal.

Personal data

Personal data GDPR Healthcare Compliance

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

Data Protection Report

JULY 8, 2019

Following the now famous €50m fine imposed on Google LLC in January 2019, [1] the French Data Protection Authority (the CNIL ) published a decision taken on 28 May 2019 [2] imposing a fine of €400,000 on SERGIC, a company specialised in real estate development, purchase, sale, rental and property management.

GDPR

GDPR Personal data Compliance Security

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. Reassuringly, the PDPL does not contain any major divergences from other well-known data protection regimes, including the GDPR. What does the PDPL cover and who does it apply to? Definitions. Territoriality.

Personal data

Personal data Data breaches GDPR Compliance

Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles

eSecurity Planet

MARCH 3, 2023

The initiatives that stand out the most — critical infrastructure security standards, a national data privacy and security law, and liability for security failures — will likely take time and the support of Congress to implement. is the creation of mandatory requirements for critical infrastructure security.

Cybersecurity

Cybersecurity Government Manufacturing Personal data

EUROPE: New privacy rules for connected vehicles in Europe?

DLA Piper Privacy Matters

MAY 5, 2020

Adjacent to these initiatives, the European Data Protection Board (“EDPB”) recently published draft guidelines 1/2020 on processing personal data in the context of connected vehicles and mobility related applications. Hence, personal data can be collected through vehicle sensors, telematics boxes or mobile applications.

Privacy

Privacy Personal data GDPR Insurance

CIPL and AvePoint Release Global GDPR Readiness Report

Hunton Privacy

NOVEMBER 10, 2016

On November 9, 2016, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP and AvePoint released the results of a joint global survey launched in May 2016 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Data Privacy Compliance Privacy

Spanish DPA Publishes Report on Data Processing Activities in Relation to COVID-19

Hunton Privacy

MARCH 25, 2020

The Report first notes that the EU General Data Protection Regulation (“GDPR”) contains necessary safeguards and rules with respect to personal data processing in a general health emergency. The Report then turns to legal bases for processing personal data in the COVID-19 context.

Personal data

Personal data GDPR Risk Insurance

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

DLA Piper Privacy Matters

NOVEMBER 6, 2019

On 30 October 2019, the Berlin Commissioner for Data Protection and Freedom of Information ( Berliner Beauftragte für Datenschutz und Informationsfreiheit – “ Berlin DPA ”) imposed an administrative fine of about EUR 14.5 million against Deutsche Wohnen SE for infringements of the General Data Protection Regulation (GDPR).

GDPR

GDPR Personal data Archiving Compliance

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

Data breached: 6,009,014 accounts. A further 381,000 New York City public school students affected by 2022 data breach In January 2022 , personal data from around 820,000 New York City public school students, both current and former, was breached. Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com

Data breaches

Data breaches Education Manufacturing Retail

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR

GDPR Personal data Compliance Data breaches

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI?MANLIK. While Amazon offers the necessary tools to secure their services, Inova has not implemented these measures properly.

Data breaches

Data breaches Insurance Paper Access

Italy: Privacy law integrating the GDPR adopted, what to do?

DLA Piper Privacy Matters

MAY 14, 2018

The Italian privacy law integrating the GDPR has been finalized by the Board of Ministers, unveiling unexpected surprises a few days before the 25th of May 2018. The Italian Board of Ministers issued the final text of the legislative decree integrating the EU General Data Protection Regulation.

GDPR

GDPR Privacy Systems administration Compliance

U.S. states pass data protection laws on the heels of the GDPR

Data Protection Report

JULY 9, 2018

states have recently introduced and passed legislation to expand data breach notification rules and to mirror some of the protections provided by Europe’s newly enacted General Data Protection Regulation (“GDPR”). See our previous blog posts on GDPR here and here. On the security front, as of March 2018, all 50 U.S.

GDPR

GDPR Data breaches Personal data Insurance

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Uniform Personal Data Protection Act.

Data breaches

Data breaches Privacy Personal data Data Privacy

CNIL Launches Public Consultation on Draft Standards on Data Processing for Managing Business Activities and Unpaid Invoices

Hunton Privacy

DECEMBER 3, 2018

On November 29, 2018, the French Data Protection Authority (the “CNIL”) launched an online public consultation regarding two new CNIL draft standards (“Referentials”) concerning the processing of personal data to manage (1) business activities and (2) unpaid invoices. . Background.

GDPR

GDPR Personal data Insurance Education

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

With its new data protection bill, Barbados is planning to join the ranks; this is a significant move, and it is one fueled at least in part by the entry into force of the European Union’s General Data Protection Regulation (“GDPR”) on May 25, 2018. A “ data subject ” is an individual who is the subject of personal data.

Personal data

Personal data GDPR Data Privacy Privacy

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

TMobile has now issued a formal apology and offered free identity theft recovery services to nearly 48 million customers for whom the telecom giant failed to protect their sensitive personal information. At the start of this week, word got out that hackers claimed to have seized personal data for as many as 100 million T-Mobile patrons.

Data breaches

Data breaches Authentication Access Personal data

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

DLA Piper Privacy Matters

FEBRUARY 7, 2019

Given the potential financial exposure under GDPR, it is no surprise that a great deal of time is being spent working out how to allocate the risk and liability when negotiating commercial contracts. Before we look at limiting liability, we need to first consider how liability can arise in the first place in the context of GDPR.

GDPR

GDPR Risk Data breaches Personal data

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

India: New Digital Personal Data Protection Act, Start Planning Now.

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Trending Sources

How Much Cyber Liability Insurance Do You Need?

CIAM in insurance: A unified, secure user experience with a single login

A guide to the GDPR for insurance companies

Security Compliance & Data Privacy Regulations

EUROPE: Are GDPR fines insurable in the countries where you operate?

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

62% of organisations unaware of the GDPR

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

Wake up to the reality of the GDPR: What you need to know about compliance

Data protection strategy: Key components and best practices

Mastering healthcare data governance with data lineage

How to Manage Your Cyber Risks

Government survey reveals GDPR awareness is falling short

Patch your vulnerabilities now or risk punishment under the GDPR

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

ICO issue fine of £4.4 to Interserve for security failings

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

GDPR – The Year in Review

Data privacy examples

UAE: Federal level data protection law enacted

Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles

EUROPE: New privacy rules for connected vehicles in Europe?

CIPL and AvePoint Release Global GDPR Readiness Report

Spanish DPA Publishes Report on Data Processing Activities in Relation to COVID-19

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

GDPR is upon us: are you ready for what comes next?

Data Breach: Turkish legal advising company exposed over 15,000 clients

Italy: Privacy law integrating the GDPR adopted, what to do?

U.S. states pass data protection laws on the heels of the GDPR

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

CNIL Launches Public Consultation on Draft Standards on Data Processing for Managing Business Activities and Unpaid Invoices

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

California Enacts Broad Privacy Laws Modeled on GDPR

Stay Connected