Ransomware and the Role of Cyber Insurance via Teach Privacy

IG Guru

Professor Daneil Solove interviews Kimberly Horn about Cyber Insurance and Ransomeware here. The post Ransomware and the Role of Cyber Insurance via Teach Privacy appeared first on IG GURU.

How Cyber Insurance Is Changing in the GDPR Era

Data Breach Today

Privacy Breach Claims Are Rising, Says Thomas Clayton of Zurich Insurance Although the EU's General Data Protection Regulation only went into full effect on May 25, its mandatory privacy breach notifications are already having an effect on the cyber insurance marketplace, says Thomas Clayton of Zurich Insurance.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

The Last Watchdog

To help mitigate the risk of financial losses, more companies are turning to cyber insurance. Related: Bots attack business logic Cyber insurance, like other forms of business insurance, is a way for companies to transfer some of numerous potential liability hits associated specifically with IT infrastructure and IT activities. Some coverage is inherently added to any cyber insurance policy. Best Practices Guest Blog Post Privacy Steps forward Top Stories

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. based First American is a leading provider of title insurance and settlement services to the real estate and mortgage industries.

Michigan Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

On December 28, 2018, Michigan adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law in the form of Michigan H.B. By doing so, Michigan joins Ohio and South Carolina as the third state to adopt the Model Law and the fifth state – along with Connecticut and New York – to have enacted cybersecurity regulations focused on insurance companies. This means all insurers, agencies, and brokers doing business in Michigan are covered.

Ohio Adopts National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law

Data Matters

On December 19, 2018, Ohio adopted the National Association of Insurance Commissioners’ (NAIC) Insurance Data Security Model Law. By doing so, Ohio joins South Carolina as the second state to have adopted the Model Law and the fourth state – along with Connecticut and New York – to have enacted cybersecurity regulations for insurance companies. This means all insurers, agencies, and brokers doing business in Ohio are covered.

Hunton Insurance Head Comments on Hotel Data Breach Coverage Dispute

Hunton Privacy

As reported on the Insurance Recovery Blog , Hunton Andrews Kurth insurance practice head Walter Andrews recently commented to the Global Data Review regarding the infirmities underlying an Orlando, Florida federal district court’s ruling that an insurer does not have to defend its insured for damage caused by a third-party data breach. To me, it’s clear that there were two reasonable interpretations of the insurance policy here.”.

New Hampshire Governor Signs Insurance Data Security Law

Hunton Privacy

On August 2, 2019, New Hampshire Governor Chris Sununu signed into law SB 194 (the “Bill”), which requires insurers licensed in the state (“licensees”) to put in place data security programs and report cybersecurity events. In addition, each insurer domiciled in the state must submit an annual written statement by March 1 that certifies that the insurer is in compliance with the requirements set forth. Cyber Insurance Cybersecurity Information Security U.S.

Yet Another Twist in Messy Aetna Privacy Breach Case

Data Breach Today

Health Insurer Sues Organizations That Represented HIV Patients in Earlier Privacy Dispute A messy legal case involving a 2017 privacy breach that has already cost Aetna about $20 million in settlements has taken yet another twist.

South Carolina Becomes the First State to Enact the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law

Data Matters

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. On May 3, 2018, South Carolina became the first state to enact this Model Law, in the form of the South Carolina Insurance Data Security Act (H.B. By doing so, South Carolina joined Connecticut and New York as states with cybersecurity regulations for insurance companies.

Hunton Privacy and Insurance Leaders Address Prevention and Insurability of Cyber Attacks

Hunton Privacy

Andrews, chair of the insurance coverage practice at Hunton & Williams, addressed the insurability of cybersecurity risks, explaining that “we’ve seen a sea change in a lot of areas in the last two years…There will always be liability no matter what, but cyber insurance has gone from a product a few companies acquired to one held by almost all. Cyber Insurance Cybersecurity Events Federal Bureau of Investigation Liability Lisa Sotto Privacy

Podcast Episode 117: Insurance Industry Confronts Silent Cyber Risk, Converged Threats

The Security Ledger

In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. In this episode of the podcast (#117), we go deep on one of the hottest sectors around: cyber insurance. The insurance was dirt cheap. Are insurers ready?

The App Creeping on Your IG Location, Jakarta’s Insurance Crisis, and More News

WIRED Threat Level

Security Security / PrivacyCatch up on the most important news from today in two minutes or less.

New York Department of Financial Services Issues Guidance Regarding Life Insurers’ Use of External Consumer Data in Underwriting

Data Matters

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. In other words, insurers may not use an external data source to collect or use information that the insurer would otherwise be prohibited from collecting or using directly.

U.S. Treasury Expresses National Perspective In Response to NAIC Insurance Data Security Model Law

Data Matters

Department of Treasury released a 176-page Report examining the current regulatory framework for asset management and insurance industries. The Report, titled A Financial System That Creates Economic Opportunities: Asset Management and Insurance , identifies laws and regulations that are inconsistent with the Trump Administration’s Core Principles for financial regulation as set forth in Executive Order 13772 (Feb. On October 26, 2017, the U.S.

Insurance Customers’ Personal Data Exposed Due to Misconfigured NAS Server

Threatpost

The vulnerability also exposed login credentials for a massive national insurance claims database, Upguard says. Cloud Security Privacy Vulnerabilities Web Security NAS server ransomware UpGuard WannaCry

Most under-35s OK with insurers digital spying if it cuts prices

Information Management Resources

Despite that willingness by young customers to give up a level of data privacy, most insurance firms are already struggling to deliver a connected experience, says Jerome Bugnet. Data privacy Customer data Insurance Social media

EUROPE: New privacy rules for connected vehicles in Europe?

DLA Piper Privacy Matters

Following the EDBP, the introduction of connected vehicles is associated with various privacy and data protection risks. Personal data may be processed for a wide variety of purposes such as driver safety, insurance and efficient transportation.

China: Navigating China: Episode 10: Stricter data localisation and security rules for financial and insurance data in China

DLA Piper Privacy Matters

The PFI Guidelines will apply to regulated banks, financial institutions and insurance companies. transaction logs, transaction amount, insurance orders, insurance claims); user’s personal and financial information (e.g. Carolyn Bigg, Hong Kong.

ROUNDTABLE: Huge Capital One breach shows too little is being done to preserve data privacy

The Last Watchdog

That includes social security and social insurance numbers, bank account numbers, phone numbers, birth dates, email addresses and self-reported income; in short, just about everything on an identity thief’s wish list. Best security and privacy practices on everyone’s part is more imperative than ever. It could be FTC first, then European GDPR and Canadian PIPEDA, then upcoming California Consumer Privacy Act, and many other privacy regulations worldwide.

Tesco Bank Hack Illustrates Need for Robust Cyber Insurance

Hunton Privacy

As reported on the Insurance Recovery blog , earlier this week, retailer Tesco Plc’s (“Tesco”) banking branch reported that £2.5 Even that very substantial expenditure was not enough, however, to prevent the recent hack, illustrating the need for robust cyber insurance as a component of any comprehensive cyber protection program. Cyber Insurance Cybersecurity Financial Privacy Security Breach Consumer Protection Insurance Provider United Kingdom

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. The entering into effect of multiple state laws in this area may present challenges for insurance providers operating in states where such cybersecurity requirements are provided for.

The Woz on consumer privacy

Information Management Resources

In this exclusive video from Dig | In: The Digital Future of Insurance, Steve Wozniak, the co-founder of Apple and early supporter of the Electronic Frontier Foundation, discusses the importance of respective customers' privacy. Customer experience Data privacy

Coronavirus/COVID-19: Key Privacy and Security Considerations

Hunton Privacy

Companies suddenly find themselves dealing with a host of privacy issues and questions about sharing information with employees, customers and others. In addition, transitioning to a remote workforce can create privacy and data security concerns. Health Privacy Coronavirus/COVID-19 Data Transfer HIPAA Personal Health InformationThe outbreak of COVID-19 has dramatically changed the economy and working landscape of the United States and many other countries across the world.

Merger of CVS, Aetna raising privacy concerns for some

Information Management Resources

Insurance M&A Integrations Data privacy UnitedHealthcareBoth companies have vast stores of data that could compromise identities, says Deborah Peel.

Insurance Coverage for Security Breach Lawsuits

Hunton Privacy

As the number of security breach incidents and privacy violations continues to increase, so too has the volume of lawsuits—particularly class action lawsuits—seeking damages for actual and future harms resulting from unauthorized disclosures of personal information. Insurance Coverage for Privacy Violation Lawsuits, co-author William T. Cyber Insurance Security Breach Class Action Insurance Provider Litigation Social Security Number ZIP Code

What’s In Your Business Plan? California’s Privacy Law Goes Into Effect

Adam Levin

California’s groundbreaking privacy law went into effect January 1, 2020. The California Consumer Privacy Act (CCPA) requires businesses to inform state residents if their data is being monetized as well as to provide them with a clearly stated means of opting out from the collection of their data and/or having it deleted. The primary exception to the CCPA are companies subject to California’s Insurance Information and Privacy Protection Act (IIPPA). .

Health Insurer Reaches Privacy Settlement with New Jersey Division of Consumer Affairs

Hunton Privacy

million as part of a settlement with the New Jersey Division of Consumer Affairs (the “Division”) regarding allegations that Horizon did not adequately protect the privacy of nearly 690,000 policyholders. The stolen laptops contained policyholder electronic Protected Health Information (“ePHI”), including names, addresses, birth dates, insurance identifications and, in some cases, Social Security numbers and clinical data. Health Privacy Information Security Security Breach U.S.

Data Privacy Laws in Financial Services: NYDFS 500

Perficient Data & Analytics

In my previous post, I discussed what data privacy is and why it’s important? In my post today I want to discuss data privacy laws, specifically involving New York State Department of Financial Services (NYDFS) 23 NYCRR 500. Insurance companies.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies.

Google’s Project Nightingale Health Data Practice Raises Privacy Concerns

Adam Levin

citizens, raising serious concerns about patient privacy. Google’s access to patient data raises concerns among privacy advocates, particularly because at least 150 of the company’s employees have full access to highly personal information without patient consent or notification. . Of perhaps even greater concern is the fact that Google’s apparent data mining is legal according to federal law, specifically the Health Insurance Portability and Accountability Act of 1996, or HIPAA.

Using Information Governance to Manage the Commingling of Minors’ Claim Files

InfoGoTo

Privacy laws and regulations are changing at a rapid pace in the United States. As these and other statutes evolve and legal holds are lifted, insurers need to be prepared to address their legacy records. For P&C insurers, the handling of retention and disposition of minor claims files have historically been challenging due to poor information governance (IG) practices. Insurers’ real-world experiences. What insurance companies can do.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies.

9 Topics to Cover in Your Privacy Awareness Training Program

MediaPro

True employee awareness of data privacy is not just about keeping sensitive documents from prying eyes. Here are nine topics a comprehensive privacy awareness program should cover. A privacy awareness program needs to cover the basics.

GDPR’s First 150 Days Impact on the U.S.

Threatpost

Weighing the impact of GDPR and how the historic legislation has shaped privacy protection measures in the U.S., Government Privacy Apple CEO Tim Cook GDPR General Data Protection Regulation Health Insurance Portability and Accountability Act HIPAA International Conference of Data Protection and Privacy Commissioners Conferenceso far.

GDPR 78

Time and tide waits for no man – IoT in Insurance

CGI

Time and tide waits for no man – IoT in Insurance. This old saying could also be applied for what is happening in the insurance market with IoT and that given the drive behind IoT in both the consumer and business markets. p.butler@cgi.com. Fri, 05/27/2016 - 07:25. Table.

Keeping Up with New Data Protection Regulations

erwin

Some suggest the California Consumer Privacy Act (CCPA), which takes effect January 1, 2020, sets a precedent other states will follow by empowering consumers to set limits on how companies can use their personal information.

New Payment Technologies Should Reduce Demand for Cyber Insurance

Hunton Privacy

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: As the demand for cyber insurance has skyrocketed, so too has the cost. New payment technologies, however, will change the need for this type of cyber insurance. the need for cyber insurance protecting retailers against point-of-sale malware should sharply drop. Cyber Insurance Cybersecurity Payment Card

Sales 40

First American Financial Corp. Data Records Leak

Schneier on Security

Krebs on Security is reporting a massive data leak by the real estate title insurance company First American Financial Corp. That's obviously not true; security and privacy are probably pretty low priorities for the company. dataloss dataprotection insurance leaks