2010, Compliance, Government and Security - Information Management Today

Malaysia introduces watershed amendments to Personal Data Protection Act 2010

Data Protection Report

JULY 26, 2024

The PDP Bill, which had been under review by the Malaysian Government for some years, introduces significant changes to Malaysia’s Personal Data Protection Act 2010 (the Malaysian PDPA ), aimed at aligning the Malaysian approach more closely with international data protection regimes.

Personal data

Personal data Data breaches Compliance GDPR

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended. In 2019, a cybersecurity firm demonstrated security risks that could allow an attacker to disrupt engine readings and altitude on an aircraft.

Risk

Risk Artificial Intelligence Cybersecurity Compliance

A Data Security Nightmare Before Christmas

Thales Cloud Protection & Licensing

DECEMBER 13, 2021

A Data Security Nightmare Before Christmas. Bad people and governments wanted to get their hands on anyone and everyone’s data for their own nefarious purposes. Government and industry regulators also started to be concerned that organizations were collecting or using data that needed to be more rigorously regulated and protected.

Security

Security Digital transformation Compliance Access

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

EDPB Issues Statement on U.S. Foreign Account Tax Compliance Act

Hunton Privacy

FEBRUARY 28, 2019

Foreign Account Tax Compliance Act (“FATCA”). Enacted in 2010, FATCA requires that foreign financial institutions report information about financial accounts and assets held by their U.S. government. government. Social Security number.) government to ensure that they comply with the GDPR.

Compliance

Compliance GDPR Personal data Government

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

eSecurity Planet

AUGUST 4, 2023

As cloud computing evolves, so has cloud security, and buyers in the market for cloud security solutions may find themselves facing a dizzying array of acronyms, like CNAPP, CWPP, CSPM, and CIEM. Securing all those new cloud environments and connections became a job for cybersecurity companies.

Cloud

Cloud Compliance Access Risk

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

The Last Watchdog

MAY 9, 2023

Amazon had introduced Amazon Web Services in 2006 and Microsoft Azure became commercially available in 2010. Cavanagh As a latecomer to the hyperscale data center market , Oracle focused on its heritage of helping large enterprise customers securely and efficiently run their mission critical systems and applications, Cavanagh told me. “We

Cloud

Cloud Digital transformation Military Retail

Weekly podcast: Yahoo hacker sentenced, acoustic DoS attack and GDPR compliance fails

IT Governance

JUNE 1, 2018

Hello and welcome to the IT Governance podcast for Friday, 1 June 2018. He also hacked into a further 11,000 accounts between 2010 and his arrest in 2017. Ahhh… compliance. I’m going to go back to reading the new Data Protection Act, but until next time you can keep up with the latest information security news on our blog.

GDPR

GDPR Compliance Computer and Electronics Data breaches

Blockchain Tracing: The U.S. Government’s Newest Tool to Combat Foreign Crime

Data Matters

MAY 23, 2022

2010) (citation omitted). Accordingly, parties at each stage of blockchain transactions should carefully review their sanctions compliance procedures, in light of the OFAC guidelines cited by Magistrate Judge Faruqui, to address liability and enforcement risk. based institutions to direct bitcoin to a sanctioned nation.

Blockchain

Blockchain Government Compliance Privacy

FINRA Issues its 2020 Artificial Intelligence Report for Industry Comment

Data Matters

JUNE 17, 2020

The Report provides an overview of AI technology, explores its diverse, multifaceted applications in the securities industry and identifies the challenges and legal considerations with leveraging this technology. Artificial Intelligence in the Securities Industry . Data Governance. Key Challenges and Regulatory Considerations .

Artificial Intelligence

Artificial Intelligence IT Risk Privacy

A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

Data Protection Report

JANUARY 9, 2023

With the year 2022 firmly in the rear view, and as we look to start the new year in 2023, Norton Rose Fulbright’s Regulatory Compliance and Investigations team looks back and rounds up the five key cyber and data protection developments that took place in Southeast Asia in 2022. . in damages to its customer over data leak.

Cybersecurity

Cybersecurity Personal data Data breaches Ransomware

UK ICO Fine Reinforces Public Sector Compliance Concerns

Hunton Privacy

OCTOBER 29, 2012

On October 11, 2012, the ICO published three reports summarizing the audits it had conducted from February 2010 to July 2012 in the public sector, specifically central government, local authorities and National Health Service (“NHS”) organizations. A fourth report summarized the results of audits of private sector organizations.

Compliance

Compliance Data breaches Government Education

UK: Personal liability for PECR regulatory fines proposed in Government consultation

DLA Piper Privacy Matters

MAY 31, 2018

There are specific rules on: • marketing calls, emails, texts and faxes; • cookies (and similar technologies); • keeping communications services secure; and. million in fines issued for nuisance calls since 2010, with in many instances companies entering insolvency to avoid substantial penalties.

Government

Government Marketing Communications Privacy

Apple Patches Vulnerabilities in iOS Exploited by Spyware

eSecurity Planet

SEPTEMBER 14, 2021

Apple continues to be haunted by spyware developed by an Israeli security firm that hostile governments used to hack into Apple devices to spy on journalists, activists and world leaders (see Apple Security Under Scrutiny Amid Fallout from NSO Spyware Scandal ). and iPadOS 14.8 Spyware Vulnerability. Fast Fixes by Apple.

Government

Government Cybersecurity Libraries Security

Documation 2022: summary of our conferences

Everteam

APRIL 22, 2022

Analyzing , Information Governance , Records Management. It also combines the consideration of specificities specific to the management and governance of information. ” Do not run the project in isolation, but manage it globally as an enterprise-wide information governance project. Nicolas d'Ambrosio. 22 April 2022.

Archiving

Archiving Records Management Paper Marketing

The Cathay Pacific Breach: Is Data Protection and Cyber Security Law in Hong Kong About to Receive an Upgrade?

HL Chronicle of Data Protection

JUNE 17, 2019

The PCPD’s enforcement notice concerns compliance with two aspects of the Personal Data (Privacy) Ordinance (the “ PDPO “): the obligation under Data Protection Principle 4 (“ DPP 4 “) to take all practicable steps to ensure that personal data are protected against unauthorized access; and. The Incident.

Personal data

Personal data Data breaches Security Compliance

M&A Due Diligence: The Devil in Their Data

Data Matters

NOVEMBER 16, 2017

Corporate deals often covered the risk with a general compliance with law representation, and companies provided notice of data breaches 30, 45 or more days after the fact. These data protection authorities (DPAs) have developed robust regulatory requirements for the security of data. Moreover, their powers are growing.

Data breaches

Data breaches Cybersecurity Risk Compliance

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

Hunton Privacy

JANUARY 6, 2010

On January 1, 2010, two important state data security and privacy laws took effect in Nevada and New Hampshire. The laws create new obligations for most companies that do business in Nevada and for health care providers and business associates in New Hampshire.

Privacy

Privacy Security Encryption Communications

UK ICO Issues Revised Guidance on Fines

Hunton Privacy

FEBRUARY 7, 2012

Monetary penalties are one mechanism in a suite of tools that the UK Information Commissioner’s Office (“ICO”) uses to encourage compliance with data protection regulations. On April 6, 2010, the ICO’s power to issue monetary penalties of up to £500,000 for serious breaches of the Data Protection Act 1998 (the “DPA”) came into force.

Compliance

Compliance Privacy Risk Communications

Thursday LTNY 2019 Sessions: eDiscovery Trends

eDiscovery Daily

JANUARY 30, 2019

sponsored by ACEDS, CloudNine and Compliance Discovery Solutions. Upon completing this session, you will be able to: Highlight the need for a multi-disciplinary approach for transformative information governance projects. 1:30pm – 2:30pm: Information Governance in the Cloud: Compare and Contrast. and Mary (as in Mary Mack!),

e-Discovery

e-Discovery Information governance Cloud GDPR

Article 29 Working Party Adopts Opinion on Cloud Computing

Hunton Privacy

JULY 4, 2012

Cloud computing and the range and geographical dispersion of the various parties involved also have raised significant uncertainty in terms of applicable law, which the Working Party previously analyzed in its Opinion 8/2010. A cloud client must therefore choose cloud providers that will guarantee compliance with the applicable law(s).

Cloud

Cloud Personal data Compliance Risk

Sharing information to fight opioid misuse in the U.S.

CGI

MARCH 19, 2019

The federal government has a long history of sharing critical health information for those who need to know, and has put foundational pieces in place to tackle the opioid crisis. For example, the CONNECT health information-sharing platform supports the secure exchange of health information for more than 2,000 organizations across the U.S.

CMS

CMS Analytics Education Risk

Sharing information to fight opioid misuse in the U.S.

CGI

MARCH 19, 2019

The federal government has a long history of sharing critical health information for those who need to know, and has put foundational pieces in place to tackle the opioid crisis. For example, the CONNECT health information-sharing platform supports the secure exchange of health information for more than 2,000 organizations across the U.S.

CMS

CMS Analytics Education Risk

FINRA Issues Guidance on the Use of Blogs and Social Networking

Hunton Privacy

JANUARY 27, 2010

On January 25, 2010, the Financial Industry Regulatory Authority (“FINRA”) issued Regulatory Notice 10-06, Guidance on Blogs and Social Networking Web Sites (the “Guidance”) for securities firms, investment advisors and brokers. The full text of the Regulatory Notice is available on FINRA’s website.

Communications

Communications Compliance Government Security

UK ICO Outlines the Year Ahead

Hunton Privacy

JANUARY 26, 2012

The Commissioner cautioned against allowing data protection compliance to fall by the wayside in the current, tough economic climate, especially given the inevitable reputational damage caused by big data breaches and the ICO’s power to impose fines.

FOIA

FOIA Insurance Big data Data breaches

Marketing Industry Groups Propose Behavioral Advertising Guidelines

Hunton Privacy

JULY 2, 2009

The new self-regulatory guidelines are based on seven principles: Education, Transparency, Consumer Control, Data Security, Consent to Material Changes, Sensitive Data and Accountability. The FTC published a second report on its own proposed self-regulatory principles on February 12, 2009.

Marketing

Marketing Education Compliance Data collection

Mandatory Data Breach Notification Bill Proposed in Australia

Hunton Privacy

MAY 30, 2013

On May 29, 2013, a bill , accompanied by an explanatory memorandum , was proposed in the Australian Parliament that requires businesses and government agencies that experience a serious data breach to notify affected individuals and the Office of the Australian Information Commissioner (“OAIC”).

Data breaches

Data breaches Communications Risk Privacy

Article 29 Working Party Issues Opinion on Online Behavioral Advertising

Hunton Privacy

JUNE 24, 2010

On June 24, 2010, the Article 29 Working Party adopted Opinion 2/2010 (the “Opinion”) providing further clarification on online behavioral advertising. The Working Party also issued a press release on this topic. Who is responsible? Additional obligations? The remaining provisions of Directive 95/46/EC also will be fully applicable.

Privacy

Privacy Government Compliance IT

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

Related: Applying ‘zero trust’ to managed security services. based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. Meeting compliance. It’s not for lack of trying.

Access

Access Government Authentication Data breaches

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

JANUARY 10, 2018

It's operating in an era of increasingly large repositories of personal data held by both private companies and governments alike. It's not the only such claim either; earlier last year in the wake of another security controversy, another similarly spectacular claim was made : In public, UIDAI claimed Aadhaar was completely secure.

Security

Security Government Encryption Risk

An enterprise balancing act in the cloud | ZDNet

Collaboration 2.0

SEPTEMBER 8, 2008

Google unplugs Windows Google decides that a security invasion from China was the last straw and bans the use of. Google docs isn’t formally credible for most organizations: storing corporate intellectual property on Google servers is completely unacceptable in the vast majority of IT legal compliance mandates.

Cloud

Cloud Paper Records Management IT

The view from the trenches. | ZDNet

Collaboration 2.0

JUNE 24, 2008

Google unplugs Windows Google decides that a security invasion from China was the last straw and bans the use of. Download Now WPA2 Security: Choosing the Right WLAN Authentication Method for Homes and Enterprises Global Knowledge Ask a hundred CIOs what three things about WLANs (wireless LANs) strike.

Paper

Paper e-Delivery e-Discovery IT

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

JANUARY 24, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year.

Cybersecurity

Cybersecurity Retail Compliance Marketing

Microsoft Office Sharepoint Server: a next generation of deeper, wider content silos? | ZDNet

Collaboration 2.0

JUNE 22, 2008

Google unplugs Windows Google decides that a security invasion from China was the last straw and bans the use of. This enterprise behemoth is at the heart of countless silos: Gartner commented ‘uncontrolled growth of Sharepoint content may result in compliance, storage and user issues’.

Records Management

Records Management Paper Archiving ECM

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Data Matters

FEBRUARY 20, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Retail-Targeted Investments.

Retail

Retail Compliance Marketing Risk

GUEST ESSAY: How SPDX helps reconcile interdependencies of open, proprietary software

The Last Watchdog

OCTOBER 11, 2021

We started the Software Package Data Exchange® (SPDX®) project in 2010. Having a formal ISO standard is also helpful to organizations that wish to mandate compliance with the SPDX standard in contracts and RFPs. But the directives of world governments may push these initiatives forward sooner rather than later. History of SPDX.

Communications

Communications Libraries Cybersecurity Authentication

UK’s Ministry of Justice Launches Consultation on Fines for Data Breaches

Hunton Privacy

NOVEMBER 11, 2009

The launch of the Consultation puts to rest recent speculation as to the level of fine likely to be imposed for a deliberate or serious breach of the DPA, including for data security breaches. ” The Ministry of Justice will publish a paper summarizing the responses received by January 11, 2010.

Data breaches

Data breaches Personal data Paper Risk

For nearly two decades, IBM Consulting has helped power SingHealth’s digital transformation

IBM Big Data Hub

APRIL 5, 2023

The healthcare industry’s heavy reliance on legacy systems, regulatory and security challenges are significant hurdles for its journey toward digital transformation. This partnership allows the public healthcare cluster to remain agile and navigate ongoing changes in compliance and technology.

Digital transformation

Digital transformation Compliance Cloud Insurance

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Banks must still be allowed to process data to prevent fraud; regulators must still be allowed to process data to investigate malpractice and corruption; sports governing bodies must be allowed to process data to keep the cheats out; and journalists must still be able to investigate scandal and malpractice. change it substantially.

GDPR

GDPR Personal data Government IT

Weekly podcast: Twitter, Spectre-NG, NIS Directive and patches

IT Governance

MAY 10, 2018

Hello and welcome to the IT Governance podcast for Friday, 11 May 2018. Twitter provided some helpful advice on password security – unlike some companies that tried to join in with World Password Day – which bears repeating: Change your password on Twitter and on any other service where you may have used the same password.

Passwords

Passwords Compliance Risk Cloud

7 Key Benefits of Identity Resolution

Reltio

MARCH 16, 2021

According to Gartner survey 81% of marketers expect to compete mostly (or entirely) based on customer experience, this is up from 36% in 2010. Governance = Simplified Compliance. They can simplify compliance by using Reltio’s Identity 360 to support GDPR and CCPA regulations.

Customer Experience

Customer Experience Sales Marketing Compliance

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 6, 2018

Below is a summary of California’s new law and some takeaways for IoT device manufacturers as they move toward January 1, 2020 compliance. Core Security Obligation. The new law addresses the security obligations of “manufacturers” of connected devices. Code § 1798.91.05(c)) ” (Civ. . ” (Civ.

IoT

IoT Cybersecurity Manufacturing IT

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 5, 2018

Below is a summary of California’s new law and some takeaways for IoT device manufacturers as they move toward January 1, 2020 compliance. Core Security Obligation. The new law addresses the security obligations of “manufacturers” of connected devices. Code § 1798.91.05(c)) ” (Civ. . ” (Civ.

IoT

IoT Cybersecurity Manufacturing IT

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

Take the example of the pandemic: only some governments engaged pandemic experts to develop actions plans. Commissioned by organizers to predict worst-case scenarios for the Munich games, [Georg] Sieber came up with a range of possibilities, from explosions to plane crashes, for which security teams should be prepared.

Digital transformation

Digital transformation Risk IT Computer and Electronics

Speaking around the World

Hunton Privacy

SEPTEMBER 27, 2010

Several members of Hunton & Williams’ Privacy and Information Management team are presenting at these events to discuss the current and evolving privacy and data security issues occurring around the world. On September 28, 2010, 6:00 p.m. – Simpson , who will lead the Privacy & Data Security session. Breakout Session.

Privacy

Privacy Government Compliance Security

Malaysia introduces watershed amendments to Personal Data Protection Act 2010

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Webinars

Trending Sources

A Data Security Nightmare Before Christmas

Webinars

EDPB Issues Statement on U.S. Foreign Account Tax Compliance Act

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

Weekly podcast: Yahoo hacker sentenced, acoustic DoS attack and GDPR compliance fails

Blockchain Tracing: The U.S. Government’s Newest Tool to Combat Foreign Crime

FINRA Issues its 2020 Artificial Intelligence Report for Industry Comment

A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

UK ICO Fine Reinforces Public Sector Compliance Concerns

UK: Personal liability for PECR regulatory fines proposed in Government consultation

Apple Patches Vulnerabilities in iOS Exploited by Spyware

Documation 2022: summary of our conferences

The Cathay Pacific Breach: Is Data Protection and Cyber Security Law in Hong Kong About to Receive an Upgrade?

M&A Due Diligence: The Devil in Their Data

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

UK ICO Issues Revised Guidance on Fines

Thursday LTNY 2019 Sessions: eDiscovery Trends

Article 29 Working Party Adopts Opinion on Cloud Computing

Sharing information to fight opioid misuse in the U.S.

Sharing information to fight opioid misuse in the U.S.

FINRA Issues Guidance on the Use of Blogs and Social Networking

UK ICO Outlines the Year Ahead

Marketing Industry Groups Propose Behavioral Advertising Guidelines

Mandatory Data Breach Notification Bill Proposed in Australia

Article 29 Working Party Issues Opinion on Online Behavioral Advertising

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

An enterprise balancing act in the cloud | ZDNet

The view from the trenches. | ZDNet

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Microsoft Office Sharepoint Server: a next generation of deeper, wider content silos? | ZDNet

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

GUEST ESSAY: How SPDX helps reconcile interdependencies of open, proprietary software

UK’s Ministry of Justice Launches Consultation on Fines for Data Breaches

For nearly two decades, IBM Consulting has helped power SingHealth’s digital transformation

The debate on the Data Protection Bill in the House of Lords

Weekly podcast: Twitter, Spectre-NG, NIS Directive and patches

7 Key Benefits of Identity Resolution

California Passes First Of Its Kind IoT Cybersecurity Law

California Passes First Of Its Kind IoT Cybersecurity Law

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

Speaking around the World

Stay Connected