Compliance, Education and Insurance - Information Management Today

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Today, part three of Last Watchdog s year-end roundtable zeroes in on the regulatory and compliance landscape. Srivatsav Ravi Srivatsav , CEO, DataKrypto Non-compliance with regulations, such as the European Unions General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), risks severe penalties.

Compliance

Compliance Cybersecurity Privacy Risk

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. See the Top Governance, Risk and Compliance (GRC) Tools.

Data Privacy

Data Privacy Compliance Privacy Security

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

That’s where cyber insurance may be able to help. For that reason, most experts now recognize that a complete cybersecurity strategy not only includes technological solutions aimed at preventing, detecting, and mitigating attacks, it should also include cyber insurance to help manage the associated financial risks. That’s a 29.1%

Insurance

Insurance Ransomware Cybersecurity Marketing

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

According to the notice published on the website of the OAG on August 07, 2023, exposed personal information includes names, addresses, social security information, health information, and health insurance information. The Dallas City Council has approved a budget of $8.5 million to mitigate the ransomware attack.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Checklist for Getting Cyber Insurance Coverage

Thales Cloud Protection & Licensing

MAY 10, 2022

Checklist for Getting Cyber Insurance Coverage. The necessity for cyber-insurance coverage. With cyber attacks amounting to a question of when and not if, cyber insurance becomes crucial for ensuring business continuity and mitigating the business impact of attacks – should they occur. Tue, 05/10/2022 - 05:43.

Insurance

Insurance Authentication Risk Ransomware

The Problem With the Small Business Cybersecurity Assistance Act

Security Affairs

JULY 18, 2019

Small Business Development Center (SBDC) locations to secure educational materials, enroll in programs, and work with representatives from the Department of Homeland Security to better understand and confront cyber threats and risks. What Does the SBCAA Seek to Accomplish? But because this service goes underfunded and unheralded, the U.S.

Cybersecurity

Cybersecurity Education Government Risk

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

Data Matters

FEBRUARY 10, 2021

2 announcing a Cyber Insurance Risk Framework (the Framework) that describes industry best practices for New York-regulated property/casualty insurers. According to NYDFS, the incorporation of these practices should be proportionate to each insurer’s size, resources, geographic distribution, and other factors. The Framework.

Insurance

Insurance Financial Services Cybersecurity Risk

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Let’s explore what to expect from the upcoming regulations, provide insights into critical federal and state laws, and offer practical compliance and risk management strategies. These regulations often set standards for cybersecurity practices, incident reporting, and compliance requirements. What are Federal Cybersecurity Regulations?

Cybersecurity

Cybersecurity Computer and Electronics Compliance Privacy

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

May 2018 brought a whirlwind of panic as organisations rushed to meet the compliance deadline, but it was followed by months of unnerving silence. In this blog, we recap the essentials of compliance, explaining how the Regulation works, who it applies to and how you can avoid the same mistakes that Google made. The basics.

GDPR

GDPR Compliance Personal data Data breaches

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Byron: Companies often underestimate threats, neglect basic cyber hygiene, and fail to educate employees on cybersecurity. Erin: Do you think cyber insurance should play a bigger role in companies’ cybersecurity strategies? What factors should organizations consider when selecting a cyber insurance policy?

Cybersecurity

Cybersecurity Privacy Cloud IoT

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Information Governance Perspectives

MAY 10, 2020

In May of 2020 I was honored to speak at the MERv conference with John Frost of Box on the topic of Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance. Privacy makes data governance ethical and tangible, and compliance leaders understand that.

Compliance

Compliance Information governance Privacy Data Privacy

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Compliance management.

Compliance

Compliance Risk Government Retail

CyberheistNews Vol 13 #20 [Foot in the Door] The Q1 2023's Top-Clicked Phishing Scams | INFOGRAPHIC

KnowBe4

MAY 16, 2023

[link] Munich Re: '3X Growth Estimated in Cyber Crime Costs Over the Next 4 Years' As cyber attacks continue to grow in sophistication and frequency, cyber insurers are expecting their market to double in the next two years. I've spent a lot of time here educating you on attack specifics, industry trends, and the impacts felt by attacks.

Phishing

Phishing Insurance Passwords Ransomware

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

Additional bills, amending the California Confidentiality of Medical Information Act (“CMIA”) and the California Insurance Code, also were also signed into law. Penalties for Non-Compliance : The law will be enforced by the California Attorney General or certain district attorneys or city prosecutors.

Privacy

Privacy Insurance Security Data breaches

Australia: Consumer Data Right pipeline to cast a wide net

DLA Piper Privacy Matters

SEPTEMBER 14, 2021

These sectors include: insurance (both general and health insurance); groceries; loyalty schemes; non-bank lenders; superannuation; transport; government; health; education; and. agriculture. Sector designation. the potential for competition and innovation in the relevant sector and the Australian economy more broadly.

Agriculture

Agriculture Insurance Customer Experience Privacy

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Armstrong Archives

DECEMBER 19, 2023

Whether it’s maintaining regulatory compliance or simply making tax season easier, an effective record retention strategy is paramount. Regular training sessions ensure that new employees are informed and existing staff are reminded of their responsibilities, reducing the risk of non-compliance.

Compliance

Compliance Archiving Digital transformation Records Management

Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders

Information Governance Perspectives

MAY 8, 2020

Hunter, Dr. Tao Jin, Dr. Patricia Franks, Rae Lynn Haliday, Cheryl Pederson, and Wendy McLain on the topic of Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders. And recruiters are looking for that education and experience. Their executives… and their attorneys, they all realize this.

Education

Education Digital transformation Information governance Search queries

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

JUNE 15, 2023

KMaaS providers typically offer features such as FIPS 140-2 certified Hardware Security Modules (HSMs) to ensure the highest security and compliance for sensitive keys. Sustained compliance: Encryption and effective key management are key requirements across all security and privacy regulations.

Encryption

Encryption Compliance Cloud Authentication

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy

Data Privacy Privacy Insurance Security

Final Draft of EU AI Act Leaked

Hunton Privacy

FEBRUARY 1, 2024

Education and Vocational Training. Penalties Non-compliance with the AI Act may lead to significant fines. AI systems intended to be used as safety components in the management and operation of critical digital infrastructure, road traffic and the supply of water, gas, heating or electricity. million or 1.5%

Risk

Risk Education Artificial Intelligence Insurance

What is Cybersecurity Risk Management?

eSecurity Planet

FEBRUARY 11, 2022

The simplest example may be insurance. Life, health, auto, and other insurance are all designed to help a person protect against losses. Maintaining Regulatory Compliance. Also read : Top Governance, Risk, and Compliance (GRC) Tools for 2022. Risk Management Process. The Human Element.

Risk

Risk Cybersecurity Encryption Access

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. Source (New) Professional services Netherlands Yes 28.3 Source (New) Professional services Netherlands Yes 28.3

Data Privacy

Data Privacy Privacy Security Data breaches

Dentists: Don’t Forget HIPAA Compliance

HIPAA

OCTOBER 8, 2013

And, if asked, most dentists and their staff would say they know what the HIPAA regulations are, and yes, they have been trained, but are they really up to date with HIPAA’s ever expanding changes and compliance requirements? It requires a continual effort on the part of the dentist and the office staff.

Compliance

Compliance Privacy Insurance Education

Global October Cybersecurity Events: Where You Can Find Thales

Thales Cloud Protection & Licensing

OCTOBER 5, 2022

Along with celebrating Cyber Security Awareness Month, several exciting events are taking place across the world, aiming to educate people on the latest trends in cybersecurity and privacy. This talk will cover how to effectively leverage Google Cloud’s key management offerings to solve common security and compliance objectives.

Cybersecurity

Cybersecurity Cloud Digital transformation Sales

11 cyber security predictions for 2020

IT Governance

JANUARY 9, 2020

Cyber insurance has in some regions encouraged victims to pay as it is cheaper than remediation in some cases. As such, PCI DSS (Payment Card Industry Data Protection Standard) compliance will become increasingly important. Education is also becoming increasingly important when protecting organisations.

Security

Security IoT Phishing Ransomware

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

Almost two thirds (62%) of respondents hadn’t heard of the Regulation, and only about 10% had taken steps to meet its compliance requirements. The finance and insurance (79%), information or communications (67%) and education (52%) sectors have the highest awareness of the GDPR.

GDPR

GDPR Compliance Insurance Personal data

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

With the growing patchwork of state data privacy laws continuing to pose challenges for compliance—and the potential for federal data privacy legislation at the forefront of policy debates—the UPDPA may provide state legislators with a path toward a standardized statutory scheme.

Data breaches

Data breaches Privacy Personal data Data Privacy

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Data Matters

APRIL 20, 2021

DOL guidance provides a series of questions that should serve as a starting point for this review and includes topics such as the service provider’s information security standards, track record, cybersecurity insurance coverage, and cybersecurity validation techniques.

Cybersecurity

Cybersecurity Insurance Risk Compliance

Phishing emails and malicious attachments responsible for 34% of cyber attacks

IT Governance

MARCH 14, 2018

The gaming and public-sector industries were mostly affected by targeted attacks, whereas the insurance and telecom industries mostly suffered opportunistic attacks. Email is used organisation-wide and, with targeted attacks a growing concern, it is essential that organisations build awareness and educate their employees.

Phishing

Phishing Education Insurance Manufacturing

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

Of the businesses surveyed, those in the finance and insurance industries had the highest levels of awareness (79%), followed by information and communications (67%) and education (52%). Clearly there is still work to be done to ensure compliance by the 25 May deadline. Don’t let your staff be your downfall.

GDPR

GDPR Government Education Compliance

CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams

KnowBe4

DECEMBER 6, 2022

You told us you have challenging compliance requirements, not enough time to get audits done, and keeping up with risk assessments and third-party vendor risk is a continuous problem. KCM GRC is a SaaS-based platform that includes Compliance, Risk, Policy and Vendor Risk Management modules. Save My Spot!

Security awareness

Security awareness Phishing Risk Insurance

Regulatory Update: NAIC Summer 2019 National Meeting

Data Matters

SEPTEMBER 4, 2019

The National Association of Insurance Commissioners (NAIC) held its Summer 2019 National Meeting (Summer Meeting) in New York City from August 3 to 6, 2019. The amended regulation took effect on August 1, 2019, for annuity products and will become effective on February 1, 2020, for life insurance products.

Insurance

Insurance Paper Risk Big data

Attracting and Retaining the Next Generation of Information Management Leaders

AIIM

JUNE 2, 2023

Information managers improve business processes, reduce organizational risk, save money, and ensure compliance. Jeff Lewis from Farmers Insurance pointed out that the pandemic may have shaped the perceptions and experiences of Gen Z, who entered the workforce during the pandemic. Empathy plays a crucial role in this.

Insurance

Insurance Analytics Libraries Education

Dentists: Don’t Forget HIPAA Compliance

HIPAA

OCTOBER 8, 2013

And, if asked, most dentists and their staff would say they know what the HIPAA regulations are, and yes, they have been trained, but are they really up to date with HIPAA’s ever expanding changes and compliance requirements? It requires a continual effort on the part of the dentist and the office staff.

Compliance

Compliance Privacy Insurance Education

Dentists: Don’t Forget HIPAA Compliance

HIPAA

OCTOBER 8, 2013

And, if asked, most dentists and their staff would say they know what the HIPAA regulations are, and yes, they have been trained, but are they really up to date with HIPAA’s ever expanding changes and compliance requirements? It requires a continual effort on the part of the dentist and the office staff.

Compliance

Compliance Privacy Insurance Education

Court Compels Non-Party Insurance Agents to Produce Text Messages in TCPA Case: eDiscovery Case Law

eDiscovery Daily

SEPTEMBER 11, 2018

Farmers Insurance Exchange, No. In this Telephone Consumer Protection Act (TCPA) case, the plaintiff alleged that, at the direction of the defendant insurance companies, non-party Farmers Insurance agents James Lohse and Joe Ridgway sent text messages to her without her consent, in violation of the TCPA. In Gould v.

Insurance

Insurance Authentication Education Compliance

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity

Cybersecurity Privacy Insurance Risk

Top GRC Tools & Software for 2021

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Compliance management.

Compliance

Compliance Risk Government Retail

Have We Become Apathetic About Breaches?

Thales Cloud Protection & Licensing

FEBRUARY 15, 2018

Other cases include health information being stolen and sold to life insurance companies, home breakings being timed for when people are not home based on hacked thermostat information and much more. With more sophisticated attacks and the ensuing damage, why are people seemingly not more concerned about securing their data?

IoT

IoT Encryption Military Insurance

The EU AI Act – the countdown begins

Data Protection Report

JULY 12, 2024

Regulators can also require operators to bring an AI system into compliance or withdraw it from the market. These prohibit some use cases e.g. emotion recognition systems in the workplace and in education or inappropriate use of social scoring. February 2, 2025 – prohibitions apply.

Education

Education Risk Government Insurance

Think you’re not susceptible to phishing? Think again

IT Governance

JANUARY 7, 2018

The next three most successful scams also came from these categories: an email claiming the recipient could claim medical insurance (39.2%), an email purportedly from an accountants claiming a complaint had been filed against the recipient (34.2%) and a message about an apparent Ebola outbreak (27.9%).

Phishing

Phishing Insurance Education Compliance

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Cloud infrastructure entitlement management (CIEM): Manages compliance, risk, and security with controlled user, system, and app cloud resource access. Cloud security posture management (CSPM): Finds gaps and misconfigurations, secures access, and enforces compliance policies in deployed cloud environments.

Security

Security Cloud Cybersecurity Access

How Many States Have Outlawed Ransomware? You May Be Shocked: Cybersecurity Trends

eDiscovery Daily

JANUARY 30, 2020

This while the Insurance Journal reported (via Reuters – hat tip again to Ride the Lightning) last week that U.S. insurers are ramping up cyber-insurance rates by as much as 25% and trying to curb exposure to vulnerable customers after a surge of costly claims. You can register to attend here.

Ransomware

Ransomware Cybersecurity Insurance Education

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

As for the data subjects, the main purpose is to ensure full compliance with the applicable data protection legislation while processing sensitive social and health care data for secondary purposes. The license authority has the jurisdiction to issue licenses and supervise the compliance with the license terms.

Personal data

Personal data GDPR Healthcare Compliance

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Security Compliance & Data Privacy Regulations

Webinars

Trending Sources

Top 8 Cyber Insurance Companies for 2022

Webinars

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Checklist for Getting Cyber Insurance Coverage

The Problem With the Small Business Cybersecurity Assistance Act

New York Department of Financial Services Issues First Guidance by a U.S. Regulator Concerning Cyber Insurance

2024 Cybersecurity Laws & Regulations

Wake up to the reality of the GDPR: What you need to know about compliance

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Top 10 Governance, Risk and Compliance (GRC) Vendors

CyberheistNews Vol 13 #20 [Foot in the Door] The Q1 2023's Top-Clicked Phishing Scams | INFOGRAPHIC

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Australia: Consumer Data Right pipeline to cast a wide net

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Meeting Evolving Business Needs – A Conversation Between RIM Educators and Thought Leaders

A Guide to Key Management as a Service

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

Final Draft of EU AI Act Leaked

What is Cybersecurity Risk Management?

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

Dentists: Don’t Forget HIPAA Compliance

Global October Cybersecurity Events: Where You Can Find Thales

11 cyber security predictions for 2020

62% of organisations unaware of the GDPR

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

DOL Puts Plan Sponsors and Other Fiduciaries on Notice: ERISA Requires Appropriate Precautions to Mitigate Cybersecurity Threats

Phishing emails and malicious attachments responsible for 34% of cyber attacks

Government survey reveals GDPR awareness is falling short

CyberheistNews Vol 12 #49 [Keep An Eye Out] Beware of New Holiday Gift Card Scams

Regulatory Update: NAIC Summer 2019 National Meeting

Attracting and Retaining the Next Generation of Information Management Leaders

Dentists: Don’t Forget HIPAA Compliance

Dentists: Don’t Forget HIPAA Compliance

Court Compels Non-Party Insurance Agents to Produce Text Messages in TCPA Case: eDiscovery Case Law

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Top GRC Tools & Software for 2021

Have We Become Apathetic About Breaches?

The EU AI Act – the countdown begins

Think you’re not susceptible to phishing? Think again

Network Security Architecture: Best Practices & Tools

How Many States Have Outlawed Ransomware? You May Be Shocked: Cybersecurity Trends

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

Stay Connected