Groups, Insurance and Privacy - Information Management Today

ROUNDTABLE: What happened in privacy and cybersecurity in 2021 — and what’s coming in 2022

The Last Watchdog

DECEMBER 27, 2021

In 2021, we endured the fallout of a seemingly endless parade of privacy controversies and milestone cyber attacks. On the privacy front, California beefed up its consumer data privacy regulations even as Facebook and Apple publicly feuded over how each of these tech giants abuse of consumer privacy and loosey handle sensitive data.

Privacy

Privacy Cybersecurity Ransomware Insurance

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance

Insurance Risk Financial Services Mining

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

IT Governance

DECEMBER 19, 2023

We’re also introducing two new categories this week: ‘AI’ and ‘Key dates’. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. ALPHV claims to have 8 TB of data, including data sets from Coca-Cola, Procter & Gamble, and Pepsi.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

These records are typically organized by grouping them by function or department and then described as either an individual record or grouped together into a record category. Certain sectors, such as banking, financial services, health, and insurance have their own data protection and privacy requirements.

Personal data

Personal data GDPR Privacy Records Management

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

IT Governance

NOVEMBER 1, 2022

As always, you can find the full list of data breaches and cyber attacks below, divided into their respective categories. However, it’s a warning sign for all organisations about the dangers of misconfigured Internet-facing servers. Cyber attacks.

Data breaches

Data breaches Ransomware Insurance Phishing

ICO issue fine of £4.4 to Interserve for security failings

DLA Piper Privacy Matters

OCTOBER 25, 2022

On 24 October 2022, the ICO issued a penalty notice (MPN) to Interserve Group Limited (Interserve), imposing a fine of £4.4m A phishing email was sent to a group employee which was designed to appear as though the attached document needed urgent action. Authors: Ross McKean , Henry Pelling. The Incident.

Security

Security GDPR Personal data Insurance

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

While the world seems to have ground to a halt in so many ways, time still marches on, and along with it, the California Consumer Privacy Act (“CCPA”) enforcement date (July 1, 2020) inches ever closer. Restoration of privacy policy disclosures (§ 999.308). Guidance on user-enabled global privacy controls (§ 999.315).

Privacy

Privacy Sales Insurance Compliance

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This legislation was enacted on an extraordinarily accelerated timeframe as part of compromise with the sponsor of a comparable privacy ballot initiative, which had qualified to be placed before state voters on Election Day in November 2018.

GDPR

GDPR Privacy Sales Data breaches

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. Annuity Suitability Working Group Drafting FAQ Document to Facilitate Uniformity in State Adoption of Revised Suitability in Annuity Transactions Model Regulation.

Insurance

Insurance Paper Artificial Intelligence Big data

List of Data Breaches and Cyber Attacks in July 2022 – 99.2 Million Records Breached

IT Governance

AUGUST 1, 2022

You can find the full list below, broken into categories. Welcome to our July 2022 review of data breaches and cyber attacks. We identified 85 security incidents during the month, resulting in 99,243,757 compromised records. Cyber attacks. Ransomware. million) Idaho-based St. million) Idaho-based St. Data breaches.

Data breaches

Data breaches Ransomware Insurance Access

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised.

Privacy

Privacy Sales Compliance Cybersecurity

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised.

Privacy

Privacy Sales Education Compliance

HHS Issues New Model Privacy Notice for PHR Vendors

Hunton Privacy

SEPTEMBER 15, 2011

On September 12, 2011, the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (“ONC”) unveiled a model privacy notice for personal health records (the “PHR Model Privacy Notice”).

Privacy

Privacy Healthcare Insurance Personal data

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security policy management (NSPM): Centralizes control and management of policies to be enforced across network firewalls, routers, and other equipment. These controls include: Active Directory (AD): Manages users, groups, and passwords as a fundamental access control for an organization and the basis for most other security tools.

Security

Security Cloud Cybersecurity Risk

The Netherlands: Health sector once again on the radar of DPA

DLA Piper Privacy Matters

DECEMBER 14, 2018

The Dutch Data Protection Authority ( Autoriteit Persoonsgegevens , “ Dutch DPA “) previously stated that it shall focus its enforcement actions on the public and health sector, and seems to act upon its words.

GDPR

GDPR Personal data Insurance Privacy

CCPA: “Attorney General Amendment” Likely Dead

Data Protection Report

MAY 17, 2019

561, the “Attorney General amendment” to the California Consumer Privacy Act (“CCPA”). It would have deleted the 30-day cure period that enables a company to remedy an issue prior to Attorney General enforcement. 3/20 – re-referred to Committee on Privacy and Consumer Protection. Bills to expand CCPA. 10-word summary.

Retail

Retail Privacy Insurance Manufacturing

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

For over two and a half years, California has enjoyed the spotlight of having the most comprehensive data privacy law in the United States. The VCDPA, which will not enter into effect until January 1, 2023, borrows heavily from the California Consumer Privacy Act (CCPA) and the European Union (EU) General Data Protection Regulation (GDPR).

Personal data

Personal data GDPR Sales Privacy

Nevada, New York and other states follow California’s CCPA

Data Protection Report

JUNE 6, 2019

The US privacy law landscape continues to shift and evolve as state and federal privacy legislative proposals continue to be debated and become enacted. While CCPA-like bills in Washington and Texas failed to pass, Nevada passed its online privacy amendment and proposals in New York and Washington, DC appear to be gaining momentum.

Sales

Sales Privacy Insurance Manufacturing

U.S. Department of Transportation Issues Third Round of Guidance on Automated Vehicles

Data Matters

NOVEMBER 5, 2018

To fulfill this role, the guidance lays out three broad categories for federal action: First, AV 3.0 public disclosures), or where a lack of private sector investment may create distributional issues that disadvantage particular groups (e.g., makes clear that DOT will integrate safety into surface transport administration.

Cybersecurity

Cybersecurity Government Communications Privacy

FRANCE: CNIL adopts new single authorization on fraud prevention systems

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

Pursuant to several provisions of the French Code Monétaire et Financier , entities from the banking and financial sector are required to implement processes and strategies to detect, measure and manage operational risks within their group (on a consolidated basis). 511-20-III of the French Code Monétaire et Financier and related regulations.

Personal data

Personal data Financial Services Risk Insurance

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

He also signaled the SEC’s continued focus on enforcement and cooperation with other law enforcement agencies. The post SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon appeared first on Data Matters Privacy Blog. These SEC rules could broadly affect cybersecurity requirements across the U.S. 24, 2022), [link].

Cybersecurity

Cybersecurity Marketing Risk Compliance

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

On October 10, 2019, with just weeks to go until the law goes into effect, the California Attorney General released the long-awaited draft regulations for the California Consumer Privacy Act (CCPA). The proposed rules shed light on how the California AG is interpreting and will be enforcing key sections of the CCPA. 999.313 (c)(4)).

Sales

Sales Retail Privacy Access

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

We have shared below some interesting points that we’ve seen arising recently, all of which relate to how things are likely to develop from today onwards, including enforcement predictions, challenges related to operationalizing data subject access procedures, and how the GDPR may change the data privacy litigation landscape in Europe.

GDPR

GDPR Personal data Compliance Data breaches

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

This part also discusses managing CS risks such as ransomware, privacy, change management, and user adoption. Thus, common tools and techniques are risk matrices, risk registers, risk logs, risk breakdown structures, risk categories, Monte Carlo simulations, and sensitivity analyses. Jurisdiction and Privacy Data Risks.

Digital transformation

Digital transformation Risk IT Computer and Electronics

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Noble Lords will be familiar with the role of the Information Commissioner, whose role is to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. We think that this super-complainant system would help to protect anonymity and create a stronger enforcement framework.

GDPR

GDPR Personal data Government IT

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Designing an Enterprise-Level Approach.

Cybersecurity

Cybersecurity Risk Passwords Authentication

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

DLA Piper Privacy Matters

FEBRUARY 7, 2019

GDPR also makes it easier for group litigation. Group litigation risk is real with the recent Morrisons decision in the UK a notable recent example. a mechanism for delivering privacy notices). Before we look at limiting liability, we need to first consider how liability can arise in the first place in the context of GDPR.

GDPR

GDPR Risk Data breaches Personal data

Information Management Today

ROUNDTABLE: What happened in privacy and cybersecurity in 2021 — and what’s coming in 2022

First American Financial Pays Farcical $500K Fine

Webinars

Trending Sources

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

Webinars

California Enacts Broad Privacy Laws Modeled on GDPR

The Impact of Data Protection Laws on Your Records Retention Schedule

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

ICO issue fine of £4.4 to Interserve for security failings

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

California Enacts Broad Privacy Protections Modeled on GDPR

Regulatory Update: NAIC Summer 2020 National Meeting

List of Data Breaches and Cyber Attacks in July 2022 – 99.2 Million Records Breached

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

HHS Issues New Model Privacy Notice for PHR Vendors

Network Security Architecture: Best Practices & Tools

The Netherlands: Health sector once again on the radar of DPA

CCPA: “Attorney General Amendment” Likely Dead

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Nevada, New York and other states follow California’s CCPA

U.S. Department of Transportation Issues Third Round of Guidance on Automated Vehicles

FRANCE: CNIL adopts new single authorization on fraud prevention systems

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Mic Drop: California AG releases long-awaited CCPA Rulemaking

GDPR is upon us: are you ready for what comes next?

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

The debate on the Data Protection Bill in the House of Lords

An Approach to Cybersecurity Risk Oversight for Corporate Directors

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

Stay Connected