Data collection and Insurance - Information Management Today

Insurance and Ransomware

Schneier on Security

JULY 1, 2021

Here’s one more contribution to that issue: a research paper that the insurance industry is hurting more than it’s helping. Although it is a societal problem, cyber insurers have received considerable criticism for facilitating ransom payments to cybercriminals.

Insurance

Insurance Ransomware Paper Marketing

Streamlining Data Collection for Investigations and eDiscovery

OpenText Information Management

SEPTEMBER 22, 2023

Additionally, the risks associated with protecting that data have never been higher, due to strengthened data privacy laws worldwide and increasing cyberattacks on businesses everywhere.

Data collection

Data collection Data Privacy Privacy Risk

Texas Sues GM for Collecting Driving Data without Consent

Schneier on Security

AUGUST 14, 2024

The suit said those two companies then sold these scores to insurance companies. Insurance companies can use data to see how many times people exceeded a speed limit or obeyed other traffic laws. Some insurance firms ask customers if they want to voluntarily opt-in to such programs, promising lower rates for safer drivers.

Insurance

Insurance Manufacturing Sales Data collection

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Are Fake COVID Testing Sites Harvesting Data?

Schneier on Security

JANUARY 19, 2022

Doctors Clinical Lab, the lab Center for COVID Control uses to process tests, makes money by billing patients’ insurance companies or seeking reimbursement from the federal government for testing.

Insurance

Insurance Marketing Government IT

China Insurance Regulatory Agency Promulgates New Rule Protecting Personal Data of Life Insurance Customers

Hunton Privacy

NOVEMBER 20, 2013

On November 4, 2013, the China Insurance Regulatory Commission, which is the Chinese regulatory and administrative authority for the insurance sector, issued the Interim Measures for the Management of the Authenticity of Information of Life Insurance Customers (the “Measures”).

Insurance

Insurance Personal data Authentication Records Management

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers. Insurers are data controllers: a person, public authority, agency or body that determines the purpose of processing personal data. Steps insurers should take to become GDPR compliant.

Insurance

Insurance GDPR Compliance Data collection

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020 (“CPRA”), California’s data breach notification law and California’s data security law. The bill uses the same definition of “genetic data” as provided for in AB-825.

Privacy

Privacy Insurance Security Data breaches

Connecticut Tightens its Data Breach Notification Laws

Data Protection Report

OCTOBER 3, 2021

biometric information consisting of data generated by electronic measurements of an individual’s unique physical characteristics used to authenticate or ascertain the individual’s identity, such as a fingerprint, voice print, retina or iris image.

Data breaches

Data breaches IT Insurance Passwords

CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing

Hunton Privacy

MAY 4, 2020

Companies that collect, for their own purposes, all the personal data from a given geographic area in online directories and then use the data to send their own direct marketing communications ( e.g. , an insurance company to sell insurance products). In this case, the practice is clearly unlawful.

Marketing

Marketing GDPR Communications Personal data

Regulatory Update: NAIC Spring 2019 National Meeting

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. ceding insurer could be eligible for the same reduced collateral requirements that would apply to qualifying EU reinsurers under the revised CFR Model Laws.

Insurance

Insurance Blockchain Big data Risk

Autonomous Vehicles – Canada’s Current Legal Framework: Privacy (Part 4)

Data Protection Report

FEBRUARY 23, 2023

AVs currently under development can collect location data, biometric data, driver behaviour information, and information acquired through synced mobile devices (e.g., A considerable amount of the data collected by AVs could be considered personal information, and in some cases, “sensitive information.”

Privacy

Privacy Manufacturing Artificial Intelligence Data collection

Berlin Commissioner Issues Fine to Deutsche Wohnen SE

Hunton Privacy

NOVEMBER 6, 2019

After conducting onsite inspections in June 2017 and March 2019, the Berlin Commissioner noticed that Deutsche Wohnen SE was retaining personal data of tenants for an unlimited period, without examining whether the retention was legitimate or at all necessary. After the inspection of 2017, Deutsche Wohnen SE improved its archiving system.

GDPR

GDPR Archiving Personal data Insurance

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. The data is published after Medibank reportedly declines to pay a US$10 million ransom demand.

Passwords

Passwords Ransomware Computer and Electronics Access

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Health Insurance Portability & Accountability Act (HIPAA) The Health Insurance Portability and Accountability Act (HIPAA) sets standards for protecting sensitive health information, particularly electronic health records (EHRs).

Cybersecurity

Cybersecurity Computer and Electronics Compliance Privacy

What is progressive profiling and how can it benefit your business?

Thales Cloud Protection & Licensing

JULY 3, 2023

madhav Tue, 07/04/2023 - 05:10 As the data trust gap between customers and businesses continue to grow, and as third-party cookies become redundant, there is an urgency to adopt a modernized approach to customer data collection. Progressive profiling introduces a fresher and far more proactive take on data collection.

Data collection

Data collection IT B2C B2B

A Guide to CCPA Compliance and How the California Consumer Privacy Act Compares to GDPR

erwin

APRIL 18, 2019

These include: Medical information covered by the Confidentiality of Medical Information Act (CMIA) and the Health Insurance Portability and Accountability Act (HIPAA). Under the GDPR, organizations must make any personal data collected from an EU citizen available upon request. What about access requests? .

GDPR

GDPR Compliance Privacy Personal data

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

eSecurity Planet

AUGUST 20, 2024

The company allegedly obtained this information from non-public sources without the consent of the person filing the complaint or the potentially billions of others affected by the data collection. They often include insurance and recovery assistance if your identity is compromised.

Data breaches

Data breaches Passwords Encryption Authentication

Nationwide Agrees to Pay $5.5 Million to Settle Multistate Data Breach Investigation

Hunton Privacy

AUGUST 10, 2017

On August 9, 2017, Nationwide Mutual Insurance Co. million settlement with attorneys general from 32 states in connection with a 2012 data breach that exposed the personal information of over 1.2 In October 2012, Nationwide and its affiliate, Allied Property & Casualty Insurance Co. Nationwide”) agreed to a $5.5

Data breaches

Data breaches Insurance Data collection Risk

CCPA: Employers Should Consider Implications for Employee Benefit Plans

Hunton Privacy

JANUARY 16, 2019

As we move closer to implementation of the California Consumer Privacy Act of 2018 (“CCPA”), companies should consider how the new law could affect their operations in multiple ways – including, for example, data collected through their employee benefit plans. Liberty Mutual Insurance Company , the U.S.

Insurance

Insurance Data collection Privacy IT

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

The Last Watchdog

SEPTEMBER 20, 2019

Eventually, governments will address the risk by beefing up security and purchasing cyber insurance, which go hand in glove. Ransomware attacks against local government entities at some point will run its course.

Ransomware

Ransomware Government Security Retail

Put Your Taproot Into the Independent Web

John Battelle's Searchblog

JANUARY 24, 2012

You may only request user data needed to operate your app (if you create a Facebook app as part of your presence on Facebook). - You may not use data collected in your app in your other advertising efforts (including ad networks). - You may not integrate analytics from third party sources into your efforts inside Facebook.

Insurance

Insurance Data collection Analytics IT

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity

Cybersecurity Privacy Insurance Risk

EUROPE: New privacy rules for connected vehicles in Europe?

DLA Piper Privacy Matters

MAY 5, 2020

Main takeaways from the EDBP guidelines are: Connected vehicles raise various privacy and data protection concerns, such as the lack of control and information asymmetry, the risk of excessive data collection; the risk of unlawful further processing of personal data; Most data associated with connected vehicles are considered as personal data (e.g.

Privacy

Privacy Personal data GDPR Insurance

Another fine for over-retention of data

Data Protection Report

APRIL 7, 2022

CafePress included in its email responses to consumers’ commonly asked questions, “CafePress.com also pledges to use the best and most accepted methods and technologies to insure [sic] your personal information is safe and secure.”

Privacy

Privacy Compliance Insurance Security

The Internet of Things (IoT): Managing the Data Tsunami

Collibra

APRIL 3, 2019

Yet along that path there will be numerous obstacles to overcome – chiefly related to data privacy and governance. The Internet-of-Things has the potential to transform a range of industries – from automotive and agriculture through to healthcare, home appliances and insurance services.

IoT

IoT Agriculture Digital transformation Energy and Utilities

NHS’ Plans to Share Patient Records with Third Parties

Data Matters

JUNE 9, 2021

NHS Digital (the national custodian for health and care data in England) in May 2021, announced a new data sharing initiative called the General Practice Data for Planning and Research (GPDPR) service. Once collected, the data will be combined to create a single, national data lake.

Healthcare

Healthcare Data collection Personal data GDPR

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 27, 2017

The data collected in the vehicle remains in that vehicle and is not shared with a service provider ( e.g. , an eco-driving solution that processes data directly in the vehicle to display eco-driving tips in real time on the vehicle’s dashboard). “IN -> IN” scenario. 2. “IN -> OUT” scenario.

Compliance

Compliance Data collection GDPR Insurance

Behavioral Analytics in Cybersecurity: Does It Work as Advertised?

eSecurity Planet

OCTOBER 11, 2022

To focus on the cybersecurity aspect first, there is the problem of what data your UEBA solution is taking in. If it’s just data collected during the user’s work hours or while they are using company hardware/software, it’s probably fine as long as you make that monitoring clear to the user in advance.

Analytics

Analytics Cybersecurity IT Data breaches

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Reltio

JUNE 12, 2020

1 sentence company description: DataZed is a consultancy that works with organizations to improve their data quality, data governance and data strategy. 1-2 Previous Roles & Companies: Worked as a consultant with general insurers, Lloyd’s market firms, brokers and reinsurers, including Beazley Group and RSA.

Insurance

Insurance Customer Experience B2B MDM

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors. Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group. Background. and carrefour-banque.fr

GDPR

GDPR Personal data Data collection Marketing

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 5, 2016

It is currently drafted in cooperation with the automobile industry, innovative companies from the insurance and telecommunications sector, and public authorities. The data processing rules should be defined on a case-by-case basis, taking into account the scenario adopted, the type of data collected and users’ legitimate expectations.

Compliance

Compliance Personal data Data collection Insurance

Driving Conversations Around Careers In Telematics

Information Governance Perspectives

APRIL 5, 2023

Wireless telematics devices and “black box” technologies collect and transmit data on vehicle use, maintenance requirements, and automotive servicing. John Danenberger, CPCU, is Corporate Counsel at State Farm Insurance and specializes in addressing emerging issues around telematics. What’s it like to work in this field?

Insurance

Insurance Military Manufacturing Artificial Intelligence

California’s Data Broker Registration Deadline Looming

HL Chronicle of Data Protection

JANUARY 24, 2020

AB 1202 defines “data broker” to mean a “business that knowingly collects and sells to third parties the personal information of a consumer with whom the business does not have a direct relationship,” with limited exceptions for entities subject to FCRA, GLBA, or California’s Insurance Information and Privacy Protection Act.

Data collection

Data collection Insurance Privacy IT

34 Most Common Types of Network Security Protections

eSecurity Planet

MARCH 17, 2023

Within this framework are requirements to minimize lateral movement and impact in breach scenarios as well as data collection and response requirements. In worst-case scenarios, these firms should cover your business if you’re impacted by a data breach that leaks sensitive information and leads to fines and legal fees.

Security

Security Encryption Analytics Cloud

New Self-Regulatory Principles for Multi-Site Data

Hunton Privacy

NOVEMBER 10, 2011

This week, the Digital Advertising Alliance (the “DAA”) unveiled new “ Self-Regulatory Principles for Multi-Site Data ” (the “Principles”), aimed at expanding the scope of industry self-regulation with respect to online data collection.

Data collection

Data collection Insurance Privacy Marketing

Best Fraud Management Systems & Detection Tools in 2022

eSecurity Planet

SEPTEMBER 16, 2022

Banks, financial services, and insurance companies are especially vulnerable to fraud due to their access to large amounts of money and sensitive information for customers and employees alike. As the volume of data collected increases, users may experience slower processing times than they expect.

Analytics

Analytics Risk Authentication Financial Services

Privacy in an open-data world: Why government agencies need to be proactive

Collibra

JUNE 23, 2023

They are the California Consumer Privacy Act (CPRA), the Health Insurance Portability and Accountability Act (HIPAA), the FBI’s Criminal Justice Information Services (or CJIS), and many more. Focus: Regulatory frameworks Within the United States there are a number of regulatory frameworks that address citizen privacy.

Privacy

Privacy Government Data Privacy Data breaches

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Thales Cloud Protection & Licensing

JULY 12, 2018

As I often highlight in my blogs, data breaches have become all too common, and these continue to have a negative influence on corporate reputation and brand image, resulting in reduced market value and revenues. Protecting the integrity and confidentiality of data collected by all connected devices.

IoT

IoT Encryption Data collection Agriculture

What IG Professionals Should Know About the Internet of Bodies

ARMA International

FEBRUARY 21, 2020

There are serious questions of whether tech companies can effectively protect data, the users, and IoB “nodes” from malicious hacking, and whether insurance companies should be able to increase premiums or even deny health coverage based on information generated by IoB data. It has never been able to do so. For More Information.

Computer and Electronics

Computer and Electronics Privacy Artificial Intelligence IoT

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

Summary of key requirements under the DPDP Act Scope of the DPDP Act: The DPDP Act is applicable to the processing of “digital personal data”, which includes personal data collected either digitally, or collected in a non-digitised form and subsequently converted into digital form. payments, insurance etc).

Personal data

Personal data GDPR Data breaches Compliance

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

This aligns with other recent guidance putting clearer parameters around use of biometric data in China). Purposes/Restrictions on Use Collection and processing of data must be directly related to the purpose of processing specified in the privacy notice. Excessive data collection must be avoided.

Data Privacy

Data Privacy Privacy Compliance Analytics

DocuWare Forms for Information Management Offer Enhanced Web Forms for Clearer Data Capture

Info Source

JULY 17, 2018

New Windsor, July 17, 2018 – Web-based forms created with DocuWare Forms simplify and speed up data collection. Recognizing the high utility of web forms and its widespread use in its customer base, DocuWare enhanced the functionality of input fields for optimized, structured data collection.

Data collection

Data collection Insurance Data Privacy Paper

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

APRIL 8, 2019

This fragmentation has, unsurprisingly, lead to a heavy administrative burden for the secondary users of social and health care data by parallel and slow licence procedures with various authorities.

Personal data

Personal data GDPR Healthcare Compliance

Spanish DPA Publishes Report on Data Processing Activities in Relation to COVID-19

Hunton Privacy

MARCH 25, 2020

The Report concludes that personal data processing should be consistent with all basic data protection principles, including data minimization and purpose limitation principles.

Personal data

Personal data GDPR Risk Insurance

Insurance and Ransomware

Streamlining Data Collection for Investigations and eDiscovery

Webinars

Trending Sources

Texas Sues GM for Collecting Driving Data without Consent

Webinars

Are Fake COVID Testing Sites Harvesting Data?

China Insurance Regulatory Agency Promulgates New Rule Protecting Personal Data of Life Insurance Customers

A guide to the GDPR for insurance companies

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Connecticut Tightens its Data Breach Notification Laws

CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing

Regulatory Update: NAIC Spring 2019 National Meeting

Autonomous Vehicles – Canada’s Current Legal Framework: Privacy (Part 4)

Berlin Commissioner Issues Fine to Deutsche Wohnen SE

Happy 13th Birthday, KrebsOnSecurity!

2024 Cybersecurity Laws & Regulations

What is progressive profiling and how can it benefit your business?

A Guide to CCPA Compliance and How the California Consumer Privacy Act Compares to GDPR

2.9 Billion Records Exposed in NPD Breach: How to Stay Safe

Nationwide Agrees to Pay $5.5 Million to Settle Multistate Data Breach Investigation

CCPA: Employers Should Consider Implications for Employee Benefit Plans

MY TAKE: SMBs can do much more to repel ransomware, dilute disinformation campaigns

Put Your Taproot Into the Independent Web

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

EUROPE: New privacy rules for connected vehicles in Europe?

Another fine for over-retention of data

The Internet of Things (IoT): Managing the Data Tsunami

NHS’ Plans to Share Patient Records with Third Parties

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

Behavioral Analytics in Cybersecurity: Does It Work as Advertised?

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

Driving Conversations Around Careers In Telematics

California’s Data Broker Registration Deadline Looming

34 Most Common Types of Network Security Protections

New Self-Regulatory Principles for Multi-Site Data

Best Fraud Management Systems & Detection Tools in 2022

Privacy in an open-data world: Why government agencies need to be proactive

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

What IG Professionals Should Know About the Internet of Bodies

India: New Digital Personal Data Protection Act, Start Planning Now.

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DocuWare Forms for Information Management Offer Enhanced Web Forms for Clearer Data Capture

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

Spanish DPA Publishes Report on Data Processing Activities in Relation to COVID-19

Stay Connected