IT Governance

APRIL 29, 2024

30 April 2024 – ISO/IEC 27001:2013 certification unavailable Certification bodies must stop offering (re)certification to ISO 27001:2013 by 30 April. The new iteration of the Standard, ISO 27001:2022, isn’t significantly different from ISO 27001:2013, but there are some notable changes.

Data Privacy 91

Data Privacy Privacy Manufacturing Security 91

Hunton Privacy

FEBRUARY 24, 2014

Securities and Exchange Commission that its health insurance subsidiary, Triple-S Salud, Inc. Triple S”), which is Puerto Rico’s largest health insurer, will be fined $6.8 million for a data breach that occurred in September 2013.

Insurance 40

Insurance Data breaches IT Security 40

IT Governance

MARCH 5, 2024

TB Turtlemint Source (New) Insurance India Yes 1,800,000 Chunghwa Telecom Source (New) Telecoms Taiwan Yes 1.7 Source (New) Engineering Japan Yes >5 TB Array Networks Source (New) Cyber security USA Yes 2.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

APRIL 9, 2024

Other databases contained health insurance data, such as patents’ names, dates of birth, addresses and medical data. EyeCare Services Partners exposes more 3.5 The biggest database in the blob contained 3.1 million patients and 1.6 million unique Social Security numbers. Source (New) Manufacturing USA Yes 1.1

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

Hunton Privacy

JULY 16, 2021

According to the Regulators, the Proposed Guidance largely would adopt the text of the OCC’s 2013 guidance, broadening its scope to include organizations supervised by all three Regulators.

Risk 81

Risk Insurance Sales Encryption 81

Hunton Privacy

FEBRUARY 22, 2017

The settlement stemmed from the theft of two laptops stolen from Horizon headquarters in November 2013, when personnel from outside vendors performing renovations and moving services at Horizon’s Newark headquarters had unsupervised access to the area where company laptops were stored.

Insurance 45

Insurance Privacy Encryption Passwords 45

Hunton Privacy

JUNE 13, 2023

On June 6, 2023, the Federal Deposit Insurance Corporation (“FDIC”), the Board of Governors of the Federal Reserve System (“FRB”) and the Office of the Comptroller of the Currency (“OCC”) issued their final Interagency Guidance on Third-Party Relationships (“Guidance”).

Risk 64

Risk Insurance Compliance Information Security 64

IG Guru

NOVEMBER 26, 2019

Department of Health and Human Services (HHS) has imposed a $1,600,000 civil money penalty against the Texas Health and Human Services Commission (TX HHSC), for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules between 2013 […]. The post OCR Imposes a $1.6

Insurance 52

Insurance Privacy Security Records Management 52

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. 30 April 2024 – ISO/IEC 27001:2013 certification unavailable Certification bodies must stop offering (re)certification to ISO 27001:2013 by 30 April.

Data Privacy 79

Data Privacy Privacy Security Data breaches 79

Hunton Privacy

JANUARY 16, 2021

The Court held that OCR’s civil monetary penalty for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and HIPAA Security Rule was “arbitrary, capricious, and otherwise unlawful.”. OCR investigated and imposed the $4.3

Encryption 71

Encryption Privacy Insurance Security 71

Security Affairs

JULY 9, 2019

The security breach was discovered earlier this year, hackers also accessed data stored in the Literacy Works Information System and a legacy unemployment insurance service database. The Maryland Department of Labor suffered a data breach, hackers accessed databases containing personally identifiable information (PII).

Data breaches 71

Data breaches Insurance Access Security 71

IT Governance

APRIL 22, 2024

Cloud, FL Source (Update) Public USA Yes 719,597 Regulator Marine Inc Source (New) Manufacturing USA Yes 630 GB Risas Dental and Braces Source 1 ; source 2 (New) Healthcare USA Yes 618,189 HUB International Source (New) Insurance USA Yes 514,477 Lee University Source 1 ; source 2 (New) Education USA Yes 387.49

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

Krebs on Security

SEPTEMBER 25, 2020

Mr. Davies was charged with murder and fraud after he attempted to collect GBP 132,000 in her life insurance payout, but British prosecutors ultimately conceded they did not have enough evidence to convict him. A search on John Clifton Davies and Iryna turned up this 2013 story from The Daily Mirror which says Iryna is John C.

Insurance 211

Insurance IT 211

Krebs on Security

NOVEMBER 3, 2022

In 2013, Kurittu worked on investigation involving Kivimaki’s use of the Zbot botnet, among other activities Kivimaki engaged in as a member of the hacker group Hack the Planet. The entire archive has since been made into a searchable website on the Dark Web. “There were also other projects and databases.”

Data breaches 202

Data breaches Records Management Insurance Archiving 202

HL Chronicle of Data Protection

SEPTEMBER 27, 2018

4th 390, 393 (2013) (allowing “unlawful” UCL claim for violations of the federal Truth in Savings Act despite no express private right of action because Congress intended for state laws to hold banks to equivalent standards); see also Zhang v. 11-16351, 2013 WL 98554, at *1 (9th Cir. Bank of America, N.A. , Fireman’s Fund Ins.

Privacy 81

Privacy Data breaches Insurance IT 81

IT Governance

OCTOBER 24, 2023

Another small firm suffers a serious ransomware attack: Cadre Services gets mauled by AlphV Date of breach: 19 September 2013 (AlphV uploaded first part of data to its website on 19 October 2023). American Family Insurance confirms cyberattack is behind IT outages Date of breach: 14 or 15 October 2023.

Data Privacy 105

Data Privacy Privacy Security Data breaches 105

Hunton Privacy

SEPTEMBER 24, 2013

Recent months have seen a significant increase in highly-publicized cyber attacks and cybersecurity incidents, including an August 2013 attack on The New York Times’ website that shut down the site twice in two weeks. Unsurprisingly, there also has been an upswing in the demand for, and underwriting of, cyber insurance.

Insurance 40

Insurance Cybersecurity Privacy 40

Hunton Privacy

AUGUST 1, 2013

On April 19, 2013, the North Dakota legislature amended the state’s breach notification law (Section 51-30-01 of the North Dakota Century Code) to expand the definition of “personal information” to include “health insurance information” and “medical information.” The amendments took effect on August 1, 2013.

Insurance 40

Insurance Security Privacy 40

The Security Ledger

APRIL 27, 2021

Back in 2013, news that hackers stole data on tens of millions of customers of the software maker Adobe dominated the headlines for days. Data leaks, data breaches and data dumps are so common these days that they don’t even attract that much attention. Waiting for Federal Data Privacy Reform? Don’t Hold Your Breath.

Data breaches 52

Data breaches Big data Retail Insurance 52

ARMA International

APRIL 28, 2022

I have been a member of the OAR staff at the ANO since March 2013. The plan was to meet the insurance coordinator at the Howard Avenue office at 8:30 a.m. I was aware that I would need documentation on damage and losses for insurance and internal purposes. The insurance coordinator proposed stabilizing in place.

Records Management 97

Records Management Archiving Insurance Communications 97

Hunton Privacy

FEBRUARY 3, 2017

million civil monetary penalty against Children’s Medical Center of Dallas (“Children’s”) for alleged ongoing violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules, following two consecutive breaches of patient electronic protected health information (“ePHI”).

Privacy 40

Privacy Security Insurance Encryption 40

eSecurity Planet

FEBRUARY 14, 2023

In 2013, Adam Markowitz founded Portfolium, an edtech startup that matched college students and graduates with employers. “I In the case of Lemonade – an online insurance company – it spent over 200 hours on the process. The process for creating the report was time-consuming, manual and costly.

Compliance 121

Compliance Security Cybersecurity Marketing 121

Hunton Privacy

FEBRUARY 6, 2015

Conducted by the SEC Office of Compliance Inspections and Examinations (“OCIE”) from 2013 through April 2014, the examinations inspected the cybersecurity practices of 57 registered broker-dealers and 49 registered investment advisers through interviews and document reviews.

Cybersecurity 40

Cybersecurity Insurance Financial Services Risk 40

Hunton Privacy

DECEMBER 3, 2018

It therefore intends to cover standard customer data processing activities carried out by any data controller, except (1) health or educational institutions; (2) banking or similar institutions; (3) insurance companies; and (4) operators subject to approval by the French Online Gambling Regulatory Authority.

GDPR 81

GDPR Personal data Insurance Education 81

eSecurity Planet

AUGUST 9, 2022

are subject to laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), as well as regulations such as the Clinical Laboratory Improvements Amendments (CLIA). Healthcare Data Privacy Laws. Health data and patient data in the U.S.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

eDiscovery Daily

FEBRUARY 3, 2022

Lee: FFS, an insurance broker, requested the production of all written communication after the defendants violated their contract by sharing company information after termination. Consequently, attorney fees were issued, and the case was terminated. These methods are time-consuming and harder to authenticate in court. [5]. 4] Anthony J.

e-Discovery 78

e-Discovery Computer and Electronics Communications Authentication 78

Data Matters

JUNE 9, 2021

The Notice further states that the data will never be shared with marketing or insurance companies. Although the GP data collection was set to take place as of July 1, 2021, on June 8, 2021 it was announced that the launch will be postponed to September 1, 2021.

Healthcare 79

Healthcare Data collection Personal data GDPR 79

Hunton Privacy

AUGUST 10, 2017

Circuit reversed the dismissal of a putative data breach class action against health insurer CareFirst, Attias v. The court’s opinion also identified allegations of “medical identity theft” that was possible with the theft of health insurance subscriber ID numbers alone. On August 1, 2017, a unanimous three-judge panel for the D.C.

Insurance 40

Insurance Data breaches Risk Access 40

Hunton Privacy

SEPTEMBER 23, 2013

Today, September 23, 2013, marks the deadline for compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Omnibus Rule that was issued in January 2013.

Compliance 40

Compliance Privacy Insurance Risk 40

Krebs on Security

JUNE 30, 2021

In a report released in 2019 (PDF), Agari profiled a group it dubbed “ Scattered Canary ” that is operating principally out of West Africa and dabbles in a dizzying array of schemes, including BEC and romance scams, FEMA and SBA loans, unemployment insurance fraud, counterfeit checks and of course money laundering. Image: Agari.

Insurance 250

Insurance Education IT Government 250

HL Chronicle of Data Protection

SEPTEMBER 27, 2018

4th 390, 393 (2013) (allowing “unlawful” UCL claim for violations of the federal Truth in Savings Act despite no express private right of action because Congress intended for state laws to hold banks to equivalent standards); see also Zhang v. 11-16351, 2013 WL 98554, at *1 (9th Cir. Bank of America, N.A. , Fireman’s Fund Ins.

Privacy 40

Privacy Data breaches Insurance IT 40

HL Chronicle of Data Protection

SEPTEMBER 27, 2018

4th 390, 393 (2013) (allowing “unlawful” UCL claim for violations of the federal Truth in Savings Act despite no express private right of action because Congress intended for state laws to hold banks to equivalent standards); see also Zhang v. 11-16351, 2013 WL 98554, at *1 (9th Cir. Bank of America, N.A. , Fireman’s Fund Ins.

Privacy 40

Privacy Data breaches Insurance IT 40

Hunton Privacy

AUGUST 7, 2013

On August 6, 2013, the Obama Administration posted links on The White House Blog to reports from the Departments of Commerce , Homeland Security and Treasury containing recommendations on incentivizing companies to align their cybersecurity practices with the Cybersecurity Framework.

Cybersecurity 40

Cybersecurity Insurance Risk Security 40

IT Governance

NOVEMBER 28, 2023

9 million records breached through decade-long data leak A former temporary employee of a subsidiary of NTT West (Nippon Telegraph and Telephone West Corp) illegally accessed about 9 million personal data records over the course of a decade (2013 to 2023). Breached records: more than 56 million.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

Hunton Privacy

NOVEMBER 30, 2016

On November 22, 2016, the Department of Health and Human Services (“HHS”) announced a $650,000 settlement with University of Massachusetts Amherst (“UMass”), resulting from alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. .

Computer and Electronics 40

Computer and Electronics Insurance Privacy Risk 40

CGI

JANUARY 22, 2016

The Network and Information Systems Directive (NISD) was first proposed in 2013 and is now set to become a reality, with only the final legal processes of the European Parliament and Council to complete, after which it will be published in the EU Official Journal and enter into force.

Insurance 40

Insurance GDPR Personal data Marketing 40

Hunton Privacy

MAY 9, 2013

On May 7, 2013, the Federal Trade Commission announced that it issued letters to ten data broker companies warning that their practices could violate prohibitions against selling consumer information under the Fair Credit Reporting Act (“FCRA”).

Insurance 40

Insurance Privacy Personal data IT 40