2010, Information Security, Insurance and IT - Information Management Today

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

FTC Seeks Comment on Proposed Changes to its GLBA Safeguards and Privacy Rules

Data Matters

MARCH 12, 2019

Last week, the Federal Trade Commission (“FTC”) got into the act as well, releasing two notices of proposed rulemaking (“NPRM”) on potential changes to its the Standards for Safeguarding Customer Information (“Safeguards Rule”) and Privacy of Consumer Financial Information Rule (“Privacy Rule”) under the Gramm-Leach-Bliley Act.

Privacy

Privacy IT Information Security Insurance

Hospitality Chain McMenamins discloses data breach after ransomware attack

Security Affairs

JANUARY 4, 2022

According to the company, threat actors have stolen data of individuals employed between July 1, 2010, and December 12, 2021. McMenamins properties remain open despite the security breach, however, many operational systems, including its phone system, credit card processing and hotel reservation system, were impacted by the ransomware attack.

Data breaches

Data breaches Ransomware Insurance Sales

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

Connecticut Insurance Department Issues Five-Day Breach Reporting Requirement

Hunton Privacy

SEPTEMBER 3, 2010

On August 18, 2010, the Connecticut Insurance Department (the “Department”) issued Bulletin IC-25 , which requires entities subject to its jurisdiction to notify the Department in writing of any “information security incident” within five calendar days after an incident is identified.

Insurance

Insurance Information Security Encryption Communications

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

The Maryland Department of Labor announced it has suffered a data breach announced that exposed personally identifiable information. . The Maryland Department of Labor suffered a data breach, hackers accessed databases containing personally identifiable information (PII). ” continues the Department. .

Data breaches

Data breaches Insurance Access Security

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. . Hanna Andersson started informing its customers via email, the company was informed by law enforcement on December 5 that data related to credit cards used by its customers on its websites were available for sale on the dark web.

Data breaches

Data breaches Retail Cloud Insurance

OCR Issues Penalty for Noncompliance with HIPAA Privacy and Security Rules

Hunton Privacy

FEBRUARY 3, 2017

million civil monetary penalty against Children’s Medical Center of Dallas (“Children’s”) for alleged ongoing violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules, following two consecutive breaches of patient electronic protected health information (“ePHI”).

Privacy

Privacy Security Insurance Encryption

UK ICO Outlines the Year Ahead

Hunton Privacy

JANUARY 26, 2012

The Commissioner argued that information rights can deliver “huge benefits in terms of better government, better services, and the protection of freedoms,” but conceded that post-legislative scrutiny may be beneficial in some respects. Despite FOIA taking effect seven years ago, some public authorities still regard it as a “distraction.”

FOIA

FOIA Insurance Big data Data breaches

Massachusetts Hospital Settles Data Breach Lawsuit

Hunton Privacy

JUNE 7, 2012

On May 24, 2012, Massachusetts Attorney General Martha Coakley announced that South Shore Hospital agreed to a consent judgment and $750,000 payment to settle a lawsuit stemming from a data breach that occurred in February 2010.

Data breaches

Data breaches Privacy Insurance Education

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

HL Chronicle of Data Protection

MARCH 14, 2019

It includes general, high level elements of a security program, but lacks detailed security steps. The plan must enable FIs to promptly respond to and recover from security events affecting customer information. Finally, the plan must require evaluation and revisions to it as necessary following a security event.

Privacy

Privacy Risk Cybersecurity Information Security

Indiana Sues WellPoint for $300,000 for Delay in Data Breach Notification

Hunton Privacy

NOVEMBER 1, 2010

Indiana Attorney General Greg Zoeller announced on October 29, 2010, that he has sued health insurer WellPoint, Inc. The state alleges that WellPoint was notified of the security breach on February 22, 2010, and again on March 8, 2010, but did not begin notifying customers of the breach until June 18, 2010.

Data breaches

Data breaches Insurance Security IT

Health Care Organizations Comment on Proposed Modifications to HIPAA Privacy, Security and Enforcement Rules

Hunton Privacy

OCTOBER 4, 2010

The Department of Health and Human Services (“HHS”) received numerous comments on its proposed modifications to the Health Insurance Portability and Accountability Act Privacy, Security and Enforcement Rules, which were issued on July 8, 2010. Some highlights from the comments are outlined below. Enforcement Rule.

Privacy

Privacy Security Compliance Insurance

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

Hunton Privacy

JANUARY 6, 2010

On January 1, 2010, two important state data security and privacy laws took effect in Nevada and New Hampshire. The laws create new obligations for most companies that do business in Nevada and for health care providers and business associates in New Hampshire.

Privacy

Privacy Security Encryption Communications

FTC Settles with Dental Practice Software Provider over Charges of Misleading Consumers with Respect to Data Encryption

Hunton Privacy

JANUARY 13, 2016

On January 5, 2016, the Federal Trade Commission announced that dental office management software provider, Henry Schein Practice Solutions, Inc. Schein”), agreed to settle FTC charges that accused the company of falsely advertising the level of encryption it used to protect patient data.

Encryption

Encryption Insurance Data breaches Privacy

M&A Due Diligence: The Devil in Their Data

Data Matters

NOVEMBER 16, 2017

Cybersecurity insurance was a relatively new—and far from prevalent—concept. It follows that when buying a company to get its innovative technologies or data, it is helpful to know if rogue actors have already stolen or compromised that information. To say that’s changed is an understatement. Cybersecurity Risk in the Boardroom.

Data breaches

Data breaches Cybersecurity Risk Compliance

HHS Issues Modifications to the HIPAA Privacy, Security and Enforcement Rules

Hunton Privacy

JULY 8, 2010

On July 8, 2010, the Department of Health and Human Services (“HHS”) issued a notice of proposed rulemaking to modify the Privacy, Security and Enforcement Rules promulgated pursuant to the Health Insurance Portability and Accountability Act of 1996.

Privacy

Privacy Security Marketing Insurance

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

On November 14, 2013, the Minister of the Malaysian Communications and Multimedia Commission (the “Minister”) announced that Malaysia’s Personal Data Protection Act 2010 (the “Act”) would be going into effect as of November 15, marking the end of years of postponements. It is unclear exactly what is meant by “a regular practice” in Malaysia.

Personal data

Personal data Marketing Communications Insurance

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

It shed light on how we got to this era of companies struggling to secure highly complex networks, housed on-premises and in overlapping public and private clouds, while at the same time striving to optimize the productivity of employees and – increasingly — third-party suppliers and contractors.

Access

Access Government Authentication Data breaches

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

CyberheistNews Vol 13 #11 | March 14th, 2023 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears Robert Lemos at DARKReading just reported on a worrying trend. In a recent report, data security service Cyberhaven detected and blocked requests to input data into ChatGPT from 4.2%

Phishing

Phishing Security Security awareness Artificial Intelligence

Information Management Today

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

FTC Seeks Comment on Proposed Changes to its GLBA Safeguards and Privacy Rules

Webinars

Trending Sources

Hospitality Chain McMenamins discloses data breach after ransomware attack

Webinars

Connecticut Insurance Department Issues Five-Day Breach Reporting Requirement

Maryland Department of Labor discloses a data breach

US-based children’s clothing maker Hanna Andersson discloses a data breach

OCR Issues Penalty for Noncompliance with HIPAA Privacy and Security Rules

UK ICO Outlines the Year Ahead

Massachusetts Hospital Settles Data Breach Lawsuit

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

Indiana Sues WellPoint for $300,000 for Delay in Data Breach Notification

Health Care Organizations Comment on Proposed Modifications to HIPAA Privacy, Security and Enforcement Rules

Nevada and New Hampshire Data Security and Privacy Laws Take Effect

FTC Settles with Dental Practice Software Provider over Charges of Misleading Consumers with Respect to Data Encryption

M&A Due Diligence: The Devil in Their Data

HHS Issues Modifications to the HIPAA Privacy, Security and Enforcement Rules

Malaysian Data Protection Law Takes Effect

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

Stay Connected