Compliance, Insurance and Personal data - Information Management Today

Over-Retention of Personal Data

Data Protection Report

SEPTEMBER 23, 2021

The declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.” The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019.

Personal data

Personal data Insurance GDPR Record destruction

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated. data subjects, using the GDPR terminology) located within India.

Personal data

Personal data GDPR Data breaches Compliance

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Data Protection Report

MARCH 21, 2023

2] In this context, the Directorate General of the French Treasury has put forward a plan of action with a view to clarifying the cyber-insurance legal framework, better gauging cyber-risks, and enhancing companies’ awareness as regards cyber-risks. 12-10-1 into the French Insurance code. However, in the end, Article L.12-10-1

Insurance

Insurance Data breaches Personal data GDPR

Webinars

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

MORE WEBINARS

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Delayed Implementation of Thailand?s Personal Data Protection Act

Hunton Privacy

MAY 29, 2020

The implementation of Thailand’s Personal Data Protection Act B.E. Those data controllers for whom compliance has been deferred include agencies and operators of prescribed businesses specified in the Royal Decree on Agencies and Businesses Not Subject to the PDPA B.E. 2563 (2020) (the “Royal Decree”).

Personal data

Personal data Compliance Insurance IT

$10,000,000 civil penalty for disclosing personal data without consent

Data Protection Report

APRIL 30, 2024

The claims related to the company’s sharing personal data without consumer consent and making it very difficult for consumers to cancel their subscriptions to this telehealth service. The order also, in Section IX, set forth data destruction requirements and a data retention policy.

Personal data

Personal data Privacy Information governance Compliance

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

That’s where cyber insurance may be able to help. According to the Ponemon Institute and IBM, the global average cost of a data breach is $4.24 But there’s a catch: Insurers are going to carefully assess your cybersecurity controls before writing any policy, and there are limits to coverage. Cyber Insurance is Booming.

Insurance

Insurance Ransomware Cybersecurity Marketing

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Let’s explore what to expect from the upcoming regulations, provide insights into critical federal and state laws, and offer practical compliance and risk management strategies. These regulations often set standards for cybersecurity practices, incident reporting, and compliance requirements. What are Federal Cybersecurity Regulations?

Cybersecurity

Cybersecurity Computer and Electronics Compliance Privacy

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

The Last Watchdog

SEPTEMBER 24, 2024

The growing threat of cybercrime, including ransomware attacks and large-scale data leaks, is also pushing individuals to take more control of their personal data. Credit monitoring services provide ongoing tracking of credit reports for suspicious activity, and some even offer insurance for identity theft-related losses.

Authentication

Authentication IT ROT Compliance

Checklist for Getting Cyber Insurance Coverage

Thales Cloud Protection & Licensing

MAY 10, 2022

Checklist for Getting Cyber Insurance Coverage. The necessity for cyber-insurance coverage. With cyber attacks amounting to a question of when and not if, cyber insurance becomes crucial for ensuring business continuity and mitigating the business impact of attacks – should they occur. Tue, 05/10/2022 - 05:43.

Insurance

Insurance Authentication Risk Ransomware

CIAM in insurance: A unified, secure user experience with a single login

Thales Cloud Protection & Licensing

MAY 26, 2023

CIAM in insurance: A unified, secure user experience with a single login madhav Fri, 05/26/2023 - 07:33 In recent years, the insurance industry has transformed from a singularly focused entity to a multi-brand or multi-service type of business. Adding value to the user experience (a top priority for 59% of insurers) 2.

Insurance

Insurance Digital transformation Security Authentication

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Hunton Privacy

JULY 1, 2022

In its consent order , the Department noted that the cybersecurity events had caused the exposure of a substantial amount of sensitive personal data belonging to Carnival’s customers, including those residing in New York. NYDFS also found that Carnival had failed to implement basic protocols to prevent data breaches.

Cybersecurity

Cybersecurity Insurance Phishing Financial Services

Predictive data quality + adaptive data governance = robust compliance by design

Collibra

JANUARY 14, 2022

The concern of protecting this data, especially personal data , has been around for quite some time. The sheer volume of data and the increased proliferation of cloud technology has brought this concern to the fore again. The intersection of data quality and compliance. Data quality is its fitness for use.

Compliance

Compliance Government GDPR Personal data

California Legislature Passes Bill Regulating Data Brokers

Hunton Privacy

SEPTEMBER 21, 2023

362 (“Act”), a bill that would impose new requirements on data brokers and grant residents new rights designed to facilitate control over their personal data. The Act would grant California consumers the right to request that data brokers (1) delete and (2) limit the further sale and sharing of consumers’ personal data.

Insurance

Insurance Personal data Sales Compliance

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Compliance Privacy Data Privacy

EUROPE: Are GDPR fines insurable in the countries where you operate?

DLA Piper Privacy Matters

MAY 17, 2018

DLA Piper and Aon have launched a guide ‘ The price of data security ‘, ahead of the General Data Protection Regulation (GDPR), effective from 25 May 2018. The guide reviews the insurability of GDPR fines across Europe, which can reach up to €20 million or, if higher, up to 4% of a group’s annual global turnover.

Insurance

Insurance GDPR Data breaches Personal data

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

HHS Targets Small Behavioral Health Clinic for HIPAA Violations Following Ransomware Investigation

Hunton Privacy

FEBRUARY 29, 2024

Distribute policies and procedures to the workforce and collect compliance certifications from all members. Review, develop or revise its policies and procedures, which must contain “minimum content” as specified in the Corrective Action Plan, and provide them to HHS for review. Investigate all likely policy violations.

Ransomware

Ransomware Personal data Risk Privacy

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

Privacy and Cybersecurity Law

SEPTEMBER 15, 2021

To be considered a high-quality dataset, the personal data included therein must be processed in accordance with the GDPR. The compliance verification immediately brings to mind the impact assessment pursuant to Article 35 of the GDPR. In fact, there are no boundaries for artificial intelligence when it comes to law.

Artificial Intelligence

Artificial Intelligence Personal data GDPR Compliance

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

The new Act codifies the relevant legislation and broadens the possibilities to, under certain conditions, utilize and combine for secondary purposes personal data collected in relation to public or private social and health care operations. The decisions on licenses are subject to an appeal.

Personal data

Personal data GDPR Healthcare Compliance

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Thales Cloud Protection & Licensing

MARCH 6, 2018

Every year, new regulations and compliance orders come into play that impact businesses across the world. This year, the major regulation that will be implemented, is the European Union’s General Data Protection Regulation (GDPR) , which takes effect on May 25, 2018. appeared first on Data Security Blog | Thales e-Security.

Compliance

Compliance GDPR Encryption Data Privacy

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 5, 2016

On October 3, 2016, at the Paris Motor Show, the French Data Protection Authority (“CNIL”) reported on the progress of a new compliance pack on connected vehicles. The compliance pack on connected vehicles will contain guidelines regarding the responsible use of personal data for the next generation of vehicles.

Compliance

Compliance Personal data Data collection Insurance

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

We’re through the eye of the GDPR (General Data Protection Regulation) storm. May 2018 brought a whirlwind of panic as organisations rushed to meet the compliance deadline, but it was followed by months of unnerving silence. Territorial scope refers to where the data is coming from. The basics.

GDPR

GDPR Compliance Personal data Data breaches

CNIL Launches Work on Compliance Pack Regarding Connected Vehicles

Hunton Privacy

MARCH 28, 2016

On March 23, 2016, the Chairwoman of the French Data Protection Authority (“CNIL”) opened proceedings that will lead to the release of a compliance pack on connected vehicles. The CNIL announced that the compliance pack will contain guidelines regarding the responsible use of personal data for the next generation of vehicles.

Compliance

Compliance Personal data Insurance IT

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Uniform Personal Data Protection Act.

Data breaches

Data breaches Privacy Personal data Data Privacy

How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers – Part 1

Data Protection Report

DECEMBER 4, 2023

Data protection agreements (DPAs) are vital instruments that form part of a service agreement. They allow the business (the data controller) to impose privacy obligations on the third-party service provider (the data processor).

Insurance

Insurance Privacy Compliance Personal data

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Mastering healthcare data governance with data lineage

IBM Big Data Hub

MAY 9, 2024

The healthcare industry faces arguably the highest stakes when it comes to data governance. For starters, healthcare organizations constantly encounter vast (and ever-increasing) amounts of highly regulated personal data. healthcare, managing the accuracy, quality and integrity of data is the focus of data governance.

Government

Government GDPR Compliance Analytics

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

45 of 2021 on the Protection of Personal Data Protection (“ PDPL ”), which was issued on 26 September 2021. In this regard we expect it will be welcomed by local, regional and international businesses, in particular those that rely heavily upon personal data and international personal data flows.

Personal data

Personal data Data breaches GDPR Compliance

CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing

Hunton Privacy

MAY 4, 2020

On April 30, 2020, the French Data Protection Authority (the “CNIL”) published guidance on the extraction of web users’ personal data from online public spaces by web scraping tools and re-use of such data for direct marketing (the “Guidance”). Compliance with Basic Data Protection Principles. Background.

Marketing

Marketing GDPR Communications Personal data

How to Manage Your Cyber Risks

IT Governance

OCTOBER 11, 2022

Whether they’re taking small steps, such as installing antivirus software, or large ones, such as a GDPR (General Data Protection Regulation) compliance campaign, they consider it ‘job done’ when the implementation project is complete. Why Cyber Insurance is Essential in 2022.

Risk

Risk GDPR Information Security Personal data

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

The participation led to the idea behind CyberSaint The company supplies a platform, called CyberStrong, that automatically manages risk and compliance assessments across many types of frameworks. That could be for insurance purposes. “As As with any insurance, cyber insurance really requires due care.” Wrenn said. “So

Cybersecurity

Cybersecurity Insurance Security Privacy

Data protection strategy: Key components and best practices

IBM Big Data Hub

MAY 28, 2024

While data security focuses on protecting digital information from threat actors and unauthorized access, data protection does all that and more. Failure to comply with these data protection laws can result in hefty fines. In May 2023, Ireland’s data protection authority imposed a USD 1.3

Data breaches

Data breaches GDPR Compliance Encryption

How to Create & Implement a Cloud Security Policy

eSecurity Planet

SEPTEMBER 16, 2024

It establishes rules for cloud data security , access management, and threat response. Ensure regulatory compliance: Helps firms meet all applicable legal and industry-specific standards. This assistance helps you prevent costly penalties and legal concerns related to non-compliance.

Cloud

Cloud Security Compliance Risk

Where data meets IP – Derivative data in M&A transactions

Data Protection Report

JANUARY 19, 2022

As data has become a larger component of transactions and business, regulators have imposed requirements to address privacy concerns and protect the ownership of personal data. Non-compliance with these restrictions can result in significant unexpected costs in a transaction. Indemnities.

Compliance

Compliance Access Personal data Risk

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

DLA Piper Privacy Matters

NOVEMBER 6, 2019

On 30 October 2019, the Berlin Commissioner for Data Protection and Freedom of Information ( Berliner Beauftragte für Datenschutz und Informationsfreiheit – “ Berlin DPA ”) imposed an administrative fine of about EUR 14.5 million against Deutsche Wohnen SE for infringements of the General Data Protection Regulation (GDPR).

GDPR

GDPR Personal data Archiving Compliance

CCPA and the future of the health data economy

Collibra

NOVEMBER 20, 2019

Organizations engaging with personal healthcare data need to pay close attention to the rapidly evolving regulatory environment. Over the next few years, the compliance requirements around personal healthcare data are set to evolve at breakneck speed. Exploring CCPA and healthcare data.

Data Privacy

Data Privacy Insurance Personal data Privacy

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 27, 2017

On October 17, 2017, the French Data Protection Authority (“CNIL”), after a consultation with multiple industry participants that was launched on March 23, 2016, published its compliance pack on connected vehicles (the “Pack”) in line with its report of October 3, 2016. 3. “IN -> OUT -> IN” scenario.

Compliance

Compliance Data collection GDPR Insurance

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

The Middle East’s data protection regulatory landscape is complex, and continues to develop with Saudi Arabia’s ( KSA ) newly published Personal Data Protection Law ( PDPL ). While the PDPL contains the main features of a modern data protection law, it cannot be considered a direct analogue of the GDPR.

Personal data

Personal data Compliance Computer and Electronics IoT

Ireland: Large-scale inquiries progress as DPC budget and staff numbers ramp up

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Primary areas of focus for the DPC in 2021 included the safeguarding of children’s data protection rights, progressing ongoing large-scale inquires and prioritising responding to complaints which have raised issues of substance, with a data subject centric approach to resolution. Ongoing Inquiries & Data Transfer Enforcement.

Financial Services

Financial Services Data breaches Personal data Compliance

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. Traditionally, privacy has taken the form of a policy document created, housed, and referenced by the offices of general counsel and compliance at most organizations. Multinationals Face Unique Challenges.

Data Privacy

Data Privacy Privacy Security Encryption

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors. Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group. Background. and carrefour-banque.fr

GDPR

GDPR Personal data Data collection Marketing

CCPA and the future of the health data economy

Collibra

NOVEMBER 20, 2019

Organizations engaging with personal healthcare data need to pay close attention to the rapidly evolving regulatory environment. Over the next few years, the compliance requirements around personal healthcare data are set to evolve at breakneck speed. Exploring CCPA and healthcare data.

Data Privacy

Data Privacy Insurance Personal data Privacy

Over-Retention of Personal Data

India: New Digital Personal Data Protection Act, Start Planning Now.

Webinars

Trending Sources

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Webinars

Security Compliance & Data Privacy Regulations

Delayed Implementation of Thailand?s Personal Data Protection Act

$10,000,000 civil penalty for disclosing personal data without consent

Top 8 Cyber Insurance Companies for 2022

2024 Cybersecurity Laws & Regulations

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

Checklist for Getting Cyber Insurance Coverage

CIAM in insurance: A unified, secure user experience with a single login

NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

Predictive data quality + adaptive data governance = robust compliance by design

California Legislature Passes Bill Regulating Data Brokers

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

EUROPE: Are GDPR fines insurable in the countries where you operate?

A guide to the GDPR for insurance companies

HHS Targets Small Behavioral Health Clinic for HIPAA Violations Following Ransomware Investigation

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

Wake up to the reality of the GDPR: What you need to know about compliance

CNIL Launches Work on Compliance Pack Regarding Connected Vehicles

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers – Part 1

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Mastering healthcare data governance with data lineage

UAE: Federal level data protection law enacted

CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing

How to Manage Your Cyber Risks

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

Data protection strategy: Key components and best practices

How to Create & Implement a Cloud Security Policy

Where data meets IP – Derivative data in M&A transactions

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

CCPA and the future of the health data economy

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

Saudi Arabia’s New Data Protection Law – What you need to know

Ireland: Large-scale inquiries progress as DPC budget and staff numbers ramp up

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Data privacy examples

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

CCPA and the future of the health data economy

Stay Connected