Insurance, Sales and Security - Information Management Today

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Armstrong Archives

DECEMBER 19, 2023

No matter the size of a business, a well-defined record retention policy serves multiple purposes: ensuring compliance with legal and regulatory requirements, aiding in efficient document management, and securing sensitive information. Each category will have different legal and operational retention requirements.

Compliance

Compliance Archiving Digital transformation Sales

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

IT Governance

NOVEMBER 1, 2022

We identified 102 security incidents throughout the month, which is the second largest figure so far this year – trailing only August (112). As always, you can find the full list of data breaches and cyber attacks below, divided into their respective categories. Welcome to our October 2022 review of data breaches and cyber attacks.

Data breaches

Data breaches Ransomware Insurance Phishing

Oregon Consumer Privacy Act

Hunton Privacy

JULY 12, 2023

The OCPA provides an exemption to personal data subject to the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act, and a number of other federal laws. Thus, like most other comprehensive state privacy laws, employee data and business-to-business data are excluded from the scope of the OCPA.

Privacy

Privacy Personal data Insurance Sales

Regulatory Update: NAIC Summer 2022 National Meeting

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance

Insurance Paper Privacy Risk

What Is Integrated Risk Management? Definition & Implementation

eSecurity Planet

APRIL 29, 2024

Business Objectives Business objectives define the goals of an organization beyond simple financial measures of sales and profit. In our examples, the clothing brand secures a segregated design team with physical locks on the doors, extra computer security to prevent digital theft, and a backup solution for their marketing data.

Risk

Risk Compliance Communications Insurance

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

Among other disclosure requirements, privacy policies must identify (i) the categories of sources from which personal information is collected from consumers, and (ii) the business or commercial purpose for collecting or selling personal information. However, the current framing does support a more simplified disclosure structure.

Privacy

Privacy Sales Insurance Compliance

How to Find & Choose IT Outsourcing Services

eSecurity Planet

AUGUST 4, 2023

Even a robust IT or security department will find certain tasks or projects beyond their capabilities. But ignoring issues that you lack the time or expertise for can risk operational failure or security incidents. In smaller companies, the issues become even more profound.

IT

IT Compliance Cybersecurity Communications

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

We make IT, security, or any business decision by weighing the risks and the rewards. What investments can we make to drive down costs or increase sales? Or as is often the case with security, what costs can we skip and still escape big penalties later? Be in-line with insurance policies. Yet, it can get worse.

Insurance

Insurance Ransomware Data breaches Cloud

List of Data Breaches and Cyber Attacks in August 2022 – 97 Million Records Breached

IT Governance

SEPTEMBER 1, 2022

Meanwhile, the bastion of password security, LastPass, announced that its systems had been breached – although the organisation is confident that customers’ details remain secure. In total, we identified 112 publicly disclosed security incidents in August, resulting in 97,456,345 compromised records. Cyber attacks. Ransomware.

Data breaches

Data breaches Ransomware Energy and Utilities Phishing

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

An analysis of the bill prepared by the California Assembly before the vote also indicated that AB 375 was intended to address controversies concerning third-party sale of personal information acquired from social media without data subjects’ authorization. Specific categories defined as personal information include. geolocation data.

GDPR

GDPR Privacy Sales Data breaches

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

There are prohibitions on illegal collection, use, processing, sale, disclosure and transfer of personal information. Therefore, a localised (or regional) compliance programme is strongly recommended, and indeed will enable organisations to seize opportunities to do more with their China data (within a compliant framework).

Data Privacy

Data Privacy Privacy Compliance Analytics

Deciding Which Paper Files to Keep, Which to Scan, Which to Shred

Armstrong Archives

DECEMBER 20, 2018

Before beginning to deaccession or shred materials, make sure to read up on the laws that govern your specific region and category. After the timeframe ends, you should shred these documents for data security purposes. Bills of sale. We simplify service and security without sacrificing protection of your sensitive records.

Paper

Paper Archiving Sales Records Management

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

An analysis of the bill prepared by the California Assembly before the vote also indicated that AB 375 was intended to address controversies concerning third-party sale of personal information acquired from social media without data subjects’ authorization. Specific categories defined as personal information include. geolocation data.

GDPR

GDPR Privacy Sales Data breaches

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

KnowBe4

FEBRUARY 14, 2023

link] Spear Phishing Attacks Increase 127% As Use of Impersonation Skyrockets Impersonation of users, domains and brands is on the rise, as is the use of malicious links, in response to security vendors improving their ability to detect malicious attachments. Blog post with links: [link] Are Your Users Making Risky Security Mistakes?

Phishing

Phishing Security awareness Compliance Risk

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. The International Association of Privacy Professionals estimates at least 500,000 U.S. businesses will fall within the scope of the CCPA.

Privacy

Privacy Sales Compliance Cybersecurity

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. The International Association of Privacy Professionals estimates at least 500,000 U.S. businesses will fall within the scope of the CCPA.

Privacy

Privacy Sales Education Compliance

Regulatory Update: NAIC Fall 2020 National Meeting

Data Matters

DECEMBER 28, 2020

The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. NAIC Adopts the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act. Insurance groups will be exempt from filing a GCC if. groups to non-U.S.

Insurance

Insurance Paper Risk Analytics

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access

Access Military Compliance Personal data

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

This means it will be just as important for your sales and marketing teams to be aware of the GDPR requirements as it will be for your customer support teams. Cyber liability insurance policies, for example, should still provide cover in respect of liabilities arising under the law pre-GDPR even though that law is no longer current.

GDPR

GDPR Personal data Compliance Data breaches

Safety Stock

Ascent Innovations

OCTOBER 9, 2020

Safety stock serves as an insurance or a cushion for manufacturers and retailers against possible out of stock situations for an item. The important reasons to maintain the safety stock is to prevent the business from stock out situations which arise due to various internal and external factors. Why to maintain Safety stock?

Sales

Sales Manufacturing Marketing Customer Experience

West Coast, East Coast, and Now Mountains, Too: Colorado Joins the Comprehensive State Privacy Law Club

Data Matters

JULY 28, 2021

Other states have taken a more limited approach, most notably Nevada, which increased the scope of the right to opt out of personal data sales under its targeted privacy law. By contrast, the VCDPA defines a sale as data solely being exchanged for monetary consideration. After signing the CPA into law, Gov. Exemptions.

Privacy

Privacy Sales Personal data Compliance

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

ForAllSecure

MAY 30, 2023

Mark Lance, the VP of DFIR and Threat intelligence for GuidePoint Security, provides The Hacker Mind with stories of ransomware cases he’s handled. VAMOSI: Four days after the Russian invasion of Ukraine, on February 28, 2022, members of the Conti ransomware group began leaking information about the internal operations.

Ransomware

Ransomware Encryption Authentication Communications

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors. Designing an Enterprise-Level Approach. Principle 5.

Cybersecurity

Cybersecurity Risk Passwords Authentication

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

Thus, common tools and techniques are risk matrices, risk registers, risk logs, risk breakdown structures, risk categories, Monte Carlo simulations, and sensitivity analyses. This shifted the focus from how content is managed in a single repository to how content is used by internal and external business users.

Digital transformation

Digital transformation Risk IT Computer and Electronics

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

IT Governance

DECEMBER 19, 2023

We’re also introducing two new categories this week: ‘AI’ and ‘Key dates’. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: personal data belonging to 14,690,284 individuals. Data breached: 8 TB.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

Data Matters

JUNE 26, 2018

If voters pass the initiative, it would go into effect the day after the election — providing essentially no time to develop an extensive internal regulatory program, yet providing immediate exposure to penalties for failures to have those extensive compliance processes in operation. What Is Personal Information. biometric data.

Privacy

Privacy GDPR Sales Data breaches

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

Rather, to be covered by the VCDPA, an entity must either “(i) during a calendar year, control or process personal data of at least 100,000 consumers or (ii) control or process personal data of at least 25,000 consumers and derive over 50 percent of gross revenue from the sale of personal data.”. Exemptions. Controllers must. 6501 et seq.).

Personal data

Personal data GDPR Sales Privacy

Information Management Today

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

Trending Sources

Oregon Consumer Privacy Act

Regulatory Update: NAIC Summer 2022 National Meeting

What Is Integrated Risk Management? Definition & Implementation

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

How to Find & Choose IT Outsourcing Services

How to Develop an Incident Response Plan

List of Data Breaches and Cyber Attacks in August 2022 – 97 Million Records Breached

California Enacts Broad Privacy Laws Modeled on GDPR

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Deciding Which Paper Files to Keep, Which to Scan, Which to Shred

California Enacts Broad Privacy Protections Modeled on GDPR

CyberheistNews Vol 13 #07 [Scam of the Week] The Turkey-Syria Earthquake

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Regulatory Update: NAIC Fall 2020 National Meeting

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

GDPR is upon us: are you ready for what comes next?

Safety Stock

West Coast, East Coast, and Now Mountains, Too: Colorado Joins the Comprehensive State Privacy Law Club

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Stay Connected