GDPR, Insurance, Privacy and Security - Information Management Today

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Why Cyber Insurance is Essential in 2022

IT Governance

MAY 24, 2022

Organisations must always look for cost-effective ways to address the cyber security risks they face. With more than 1,200 publicly disclosed data breaches last year , and organisations spending almost £3 million on average responding to security incidents , effective risk management is a top priority. The benefits of cyber insurance.

Insurance

Insurance Data breaches GDPR Ransomware

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

Related: How NIST protocols fit SMBs The essence of the NIST CSF is showing up in the privacy regulations now being enforced in Europe, as well as in a number of U.S. I had the chance at RSA 2019 to visit with George Wrenn, founder and CEO of CyberSaint Security , a cybersecurity software firm that plays directly in this space.

Cybersecurity

Cybersecurity Insurance Security Privacy

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. Traditionally, privacy has taken the form of a policy document created, housed, and referenced by the offices of general counsel and compliance at most organizations. Data privacy is not a check-the-box compliance or security item.

Data Privacy

Data Privacy Privacy Security Encryption

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. They accessed 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

OCTOBER 29, 2018

The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. The FTC considers that ‘reasonable security’ doesn’t mean ‘perfect security.’ Equifax was not special in this regard. Reduced penalties.

Security

Security Data Privacy Privacy Data breaches

EUROPE: Are GDPR fines insurable in the countries where you operate?

DLA Piper Privacy Matters

MAY 17, 2018

DLA Piper and Aon have launched a guide ‘ The price of data security ‘, ahead of the General Data Protection Regulation (GDPR), effective from 25 May 2018. The guide reviews the insurability of GDPR fines across Europe, which can reach up to €20 million or, if higher, up to 4% of a group’s annual global turnover.

Insurance

Insurance GDPR Data breaches Personal data

Mastering healthcare data governance with data lineage

IBM Big Data Hub

MAY 9, 2024

Healthcare organizations need a strong data governance framework to help ensure compliance with regulations like the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the US and the General Data Protection Regulation (GDPR) in the EU. Opting for a catalog-agnostic solution helps you address this issue.

Government

Government GDPR Compliance Analytics

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

This is the 11th post in a series on privacy by Andrew Pery. You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning.

GDPR

GDPR Compliance Privacy Data Privacy

Securing AI Deployments: Striking the Balance

OpenText Information Management

MAY 10, 2024

If it’s not accurate, accessible, and secure, organizations won’t get the desired results. Since AI relies on data to learn and improve, organizations must ensure their data is accurate, accessible, and secure. Examples include names, mailing addresses, phone numbers, social insurance numbers, and credit card details.

Security

Security Artificial Intelligence Privacy Compliance

What Is Information Security Management?

IT Governance

FEBRUARY 22, 2022

Information security management is a way of protecting an organisation’s sensitive data from threats and vulnerabilities. The process is typically embedded via an ISMS (information security management system) , which provides the framework for managing information security. Why is information security management important?

Information Security

Information Security Security Data breaches Risk

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

Italy: Privacy law integrating the GDPR adopted, what to do?

DLA Piper Privacy Matters

MAY 14, 2018

The Italian privacy law integrating the GDPR has been finalized by the Board of Ministers, unveiling unexpected surprises a few days before the 25th of May 2018. Below are my top 5 derogations to the GDPR provided by the Italian privacy law: 1. Criminal sanctions for privacy breaches confirmed.

GDPR

GDPR Privacy Systems administration Compliance

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. Growth has definitely been robust.

Compliance

Compliance Security Cybersecurity Marketing

Data protection strategy: Key components and best practices

IBM Big Data Hub

MAY 28, 2024

To fulfill these principles, data protection strategies generally focus on the following three areas: Data security —protecting digital information from unauthorized access, corruption or theft throughout its entire lifecycle. billion fine on the California-based Meta for GDPR violations.

Data breaches

Data breaches GDPR Compliance Encryption

ROUNDTABLE: Huge Capital One breach shows too little is being done to preserve data privacy

The Last Watchdog

AUGUST 1, 2019

That includes social security and social insurance numbers, bank account numbers, phone numbers, birth dates, email addresses and self-reported income; in short, just about everything on an identity thief’s wish list. Best security and privacy practices on everyone’s part is more imperative than ever.

Data Privacy

Data Privacy Privacy Data breaches Cloud

EUROPE: New privacy rules for connected vehicles in Europe?

DLA Piper Privacy Matters

MAY 5, 2020

Main takeaways from the EDBP guidelines are: Connected vehicles raise various privacy and data protection concerns, such as the lack of control and information asymmetry, the risk of excessive data collection; the risk of unlawful further processing of personal data; Most data associated with connected vehicles are considered as personal data (e.g.

Privacy

Privacy Personal data GDPR Insurance

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

Hunton Privacy

OCTOBER 25, 2022

million fine to Interserve Group Limited for failing to keep employee personal data secure, which violates Article 5(1)(f) and Article 32 of the EU General Data Protection Regulation (“GDPR”), during the period of March 2019 to December 2020. On October 24, 2022, the UK Information Commissioner’s Office (“ICO”) issued a £4.4

Security

Security Personal data GDPR Insurance

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Connecticut: An Act Concerning Data Privacy Breaches. Uniform Personal Data Protection Act.

Data breaches

Data breaches Privacy Personal data Data Privacy

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. The GDPR concerns personal data that is: Collected in an enterprise context; and. Some began to lose faith.

GDPR

GDPR Compliance Personal data Data breaches

RSA Conference 2023: Meet Thales Where the World Talks Security!

Thales Cloud Protection & Licensing

APRIL 18, 2023

RSA Conference 2023: Meet Thales Where the World Talks Security! Meet us at Booth #N-5369 for demonstrations on data security, customer and workforce identity, and post quantum cryptography – just to name a few. Security teams must build quantum resilience today to protect their business from emerging risks.

Security

Security Digital transformation Privacy Cybersecurity

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

CIPL and AvePoint Release Global GDPR Readiness Report

Hunton Privacy

NOVEMBER 10, 2016

On November 9, 2016, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP and AvePoint released the results of a joint global survey launched in May 2016 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Data Privacy Compliance Privacy

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Information Governance Perspectives

MAY 10, 2020

In May of 2020 I was honored to speak at the MERv conference with John Frost of Box on the topic of Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance. Privacy makes data governance ethical and tangible, and compliance leaders understand that.

Compliance

Compliance Information governance Privacy Data Privacy

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors.

GDPR

GDPR Personal data Data collection Marketing

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated. data subjects, using the GDPR terminology) located within India.

Personal data

Personal data GDPR Data breaches Compliance

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy

Data Privacy Privacy Compliance Analytics

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

What’s In Your Business Plan? California’s Privacy Law Goes Into Effect

Adam Levin

JANUARY 2, 2020

California’s groundbreaking privacy law went into effect January 1, 2020. The California Consumer Privacy Act (CCPA) requires businesses to inform state residents if their data is being monetized as well as to provide them with a clearly stated means of opting out from the collection of their data and/or having it deleted.

Privacy

Privacy Insurance GDPR Personal data

GDPR: It’s Christmas – A time of good FEAR!

CGI

DECEMBER 19, 2017

GDPR: It’s Christmas – A time of good FEAR! The biggest regulatory driver in 2018 will be the introduction of the General Data Protection Regulation (GDPR) in May. Larger organisations have certainly started to appoint senior executives to data protection and privacy ownership roles. Tue, 12/19/2017 - 14:18. That’s a concern.

GDPR

GDPR Insurance Risk Privacy

In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends

eDiscovery Daily

FEBRUARY 11, 2019

It’s only been three weeks, but we’ve already talked plenty about the first big GDPR fine of €50 million (or about $56.8 million ) fine to Google for failing to comply with GDPR. As covered in Alston & Bird’s Privacy and Data Security Blog ( Google-Style GDPR Fines for Everyone?

Privacy

Privacy Data Privacy GDPR Compliance

ICO issue fine of £4.4 to Interserve for security failings

DLA Piper Privacy Matters

OCTOBER 25, 2022

for violations of the GDPR (the violations were pre-Brexit). The ICO found that Interserve had failed to put appropriate technical and organisational measures in place to secure personal data (in contravention of Articles 5(1)(f) and 32 GDPR) for a period of ~20 months. The Incident.

Security

Security GDPR Personal data Insurance

Staying Ahead of the Curve: 6 Top Legal Tech Trends to Watch in 2023

ARMA International

AUGUST 7, 2023

These include artificial intelligence (AI), hybrid and remote work collaboration, cloud, workflow automation and customization, mail processing and digitization, and security and data privacy. Are their levels of security and privacy protocols leaving them vulnerable to breaches and cyberattacks?

Artificial Intelligence

Artificial Intelligence Cloud Data Privacy Privacy

Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles

eSecurity Planet

MARCH 3, 2023

The initiatives that stand out the most — critical infrastructure security standards, a national data privacy and security law, and liability for security failures — will likely take time and the support of Congress to implement. is the creation of mandatory requirements for critical infrastructure security.

Cybersecurity

Cybersecurity Government Manufacturing Personal data

Data Protection in Financial Services Week 2022

Data Matters

FEBRUARY 25, 2022

Join us from February 28 – March 3 for DPFS Week 2022 , a series of webinars looking at the impacts of data privacy across the financial sector. Hear from industry speakers on: How the latest privacy and cybersecurity developments in Europe and the U.S. Securities and Exchange Commission. have impacted financial services.

Financial Services

Financial Services Privacy Data Privacy Cybersecurity

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

But with a proactive approach to data security, organizations can fight back against the seemingly endless waves of threats. IBM Security X-Force found the most common threat on organizations is extortion, which comprised more than a quarter (27%) of all cybersecurity threats in 2022. Where do data breaches originate?

Security

Security Data breaches Data Privacy Compliance

Keeping Up with New Data Protection Regulations

erwin

APRIL 11, 2019

Keeping up with new data protection regulations can be difficult, and the latest – the General Data Protection Regulation (GDPR) – isn’t the only new data protection regulation organizations should be aware of. Less than four months before GDPR came into effect, only 6 percent of enterprises claimed they were prepared for it.

GDPR

GDPR e-Discovery Compliance Metadata

UK: The rise of privacy group action risk

DLA Piper Privacy Matters

DECEMBER 7, 2017

Two recent developments in the United Kingdom highlight the growing risk of privacy litigation and “group actions” which is likely to further increase following the enactment of the General Data Protection Regulation (“ GDPR “) in May 2018.

Risk

Risk Privacy GDPR Data breaches

Automating Security Risk Assessments for Better Protection

eSecurity Planet

JANUARY 12, 2021

Protecting your organization from IT security risks is an ongoing, fluid task. Proactively identifying, mitigating and remediating security threats is one of the biggest challenges today’s global businesses face. Components of Security Risk Assessments. Cybersecurity preparedness/ insurance. Endpoint protection.

Risk

Risk Security Cybersecurity Compliance

Book Recommendation: Tomorrow’s Jobs Today authored by Rafael and Abby Moscatel via IG GURU

IG Guru

AUGUST 12, 2021

Rafael is a well-respected Information Governance Professional (IGP), Certified Records Manager (CRM), and Certified Information Privacy Manager (CIPM). Abby is a California trial attorney for State Farm Mutual Automobile Insurance Company. Both of their bios are available in the book. The book […].

Records Management

Records Management Information governance Insurance Privacy

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR

GDPR Personal data Compliance Data breaches

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

Data Protection Report

JULY 8, 2019

The issue giving rise to the financial penalty was a security breach relating to the company’s website notified by a user to the CNIL on 12 August 2018. According to SERGIC, the website’s security breach could have impacted around 29,440 users.

GDPR

GDPR Personal data Compliance Security

Security Compliance & Data Privacy Regulations

Why Cyber Insurance is Essential in 2022

Webinars

Trending Sources

Data privacy examples

Webinars

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

EUROPE: Are GDPR fines insurable in the countries where you operate?

Mastering healthcare data governance with data lineage

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

Securing AI Deployments: Striking the Balance

What Is Information Security Management?

California Enacts Broad Privacy Laws Modeled on GDPR

Italy: Privacy law integrating the GDPR adopted, what to do?

Automated Security and Compliance Attracts Venture Investors

Data protection strategy: Key components and best practices

ROUNDTABLE: Huge Capital One breach shows too little is being done to preserve data privacy

EUROPE: New privacy rules for connected vehicles in Europe?

California Enacts Broad Privacy Protections Modeled on GDPR

UK Information Commissioner’s Office Fines Construction Company £4.4 Million for Breach of Security Obligations

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Wake up to the reality of the GDPR: What you need to know about compliance

RSA Conference 2023: Meet Thales Where the World Talks Security!

GDPR – The Year in Review

CIPL and AvePoint Release Global GDPR Readiness Report

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

India: New Digital Personal Data Protection Act, Start Planning Now.

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Privacy and Cybersecurity Top 10 for 2018

What’s In Your Business Plan? California’s Privacy Law Goes Into Effect

GDPR: It’s Christmas – A time of good FEAR!

In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends

ICO issue fine of £4.4 to Interserve for security failings

Staying Ahead of the Curve: 6 Top Legal Tech Trends to Watch in 2023

Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles

Data Protection in Financial Services Week 2022

Data security: Why a proactive stance is best

Keeping Up with New Data Protection Regulations

UK: The rise of privacy group action risk

Automating Security Risk Assessments for Better Protection

Book Recommendation: Tomorrow’s Jobs Today authored by Rafael and Abby Moscatel via IG GURU

GDPR is upon us: are you ready for what comes next?

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

Stay Connected