Exercises, Financial Services and Personal data

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. Create, Maintain, and Exercise a Cyber Incident Response, Resilience, and Continuity of Operations Plan.

Cybersecurity

Cybersecurity Financial Services Authentication Government

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Data Protector

JANUARY 29, 2017

And also, what standard of evidence is necessary to be generated, just in case privacy regulators exercise their Article 30(4) right to request it. Each professional consulting firm I’ve come across carries out data protection audits / health checks in different ways. I think not. Perhaps this will change.

GDPR

GDPR Privacy Compliance Personal data

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security

Security Data breaches Ransomware Artificial Intelligence

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

Introduction to Data Protection Laws. Data protection laws, regulations, and rules control the collection, use, transfer, and storage of personal and sensitive information. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data

Personal data GDPR Privacy Records Management

(Discussion Recap) A Perfect Storm? Panel Discussion on Handling a Cybersecurity Incident

HL Chronicle of Data Protection

MARCH 16, 2020

On Tuesday, 3 March 2020, we welcomed our financial services clients in London to a lively panel event, which covered the multitude of issues which arise in a cybersecurity incident. The incident response plan should be tested in tabletop exercises involving the individuals and teams who would be involved in a real-world incident.

Cybersecurity

Cybersecurity Financial Services Risk Insurance

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data

Personal data GDPR Data Privacy Privacy

EU: Binding Corporate Rules are Generating Greater Interest

DLA Piper Privacy Matters

OCTOBER 16, 2019

Multinationals increasingly turning to BCRs as providing more legal certainty for personal data transfers from the EU. The EU General Data Protection Regulation (“GDPR”) brought about stricter data protection rules, and increased penalties for breaching these rules. What are BCRs?

GDPR

GDPR Personal data Marketing Healthcare

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

SEPTEMBER 28, 2021

Suggested activities include monitoring, detecting or correcting bias in AI systems; using personal data for internal R&D or “business innovation purposes aimed at improving services to customers”; and using audience measurement cookies to improve webpages. Complaints and DSARs.

Government

Government FOIA GDPR Compliance

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. In the U.S., India and Brazil are in the 2020 pipeline and the CCPA has just taken effect. Be one step ahead.

Privacy

Privacy GDPR Data breaches Risk

Security in the finance sector: Whose role is it anyway?

CGI

OCTOBER 25, 2015

All of this leads one to ask: In the midst of these heightened risks, increasing regulations and digital innovation, whose role is it to make sure that financial and personal data is kept safe? The answer is easy—all key players in the finance sector, including consumers, financial services providers and systems integrators.

IT

IT Security Digital transformation Compliance

The Economy of Things: the next value lever for telcos

IBM Big Data Hub

JULY 11, 2023

Telcos can also play the role of data providers as well as data marketplace and brokerage operators within the ecosystem. Vertical data platforms owned and operated by telcos and targeting a specific industry such as automotive, agriculture or financial services already exist today.

IoT

IoT Artificial Intelligence Agriculture Blockchain

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. In the U.S., India and Brazil are in the 2020 pipeline and the CCPA has just taken effect. Be one step ahead.

Privacy

Privacy GDPR Data breaches Risk

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Ireland & UK: Latest trends in data subject access requests in pending litigation

DLA Piper Privacy Matters

JULY 22, 2021

The rights around DSARs are set out in the GDPR and Recital 63 makes it clear that it is the intention that “a data subject should have the right of access to personal data… in order to be aware of, and verify, the lawfulness of the processing”. Approach of the Irish Data Protection Commission. Dealing with the DSAR.

Access

Access Personal data GDPR Financial Services

ICYMI – Late December in privacy and cybersecurity

Data Protection Report

JANUARY 30, 2023

the act of sharing of Personal Data with Third Parties; ‘ b. categories of Personal Data Processed; c. a Controller’s identity d. the country in which Processing occurs e. the identity of Affiliates, Processors, or Third-Parties Personal Data is shared with f. methods by which Consumers can exercise their Data (..)

Privacy

Privacy Cybersecurity Personal data Insurance

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

DLA Piper Privacy Matters

MARCH 4, 2021

In contrast, only 70 valid data breach notifications were received under the ePrivacy Regulations and 25 notifications under the Law Enforcement Directive. Around 60% of the data breaches notified occurred in the private sector. Unauthorised disclosure of personal data continues to be the leading reason for breach notifications.

GDPR

GDPR Compliance Data breaches Marketing

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

The DGR does not create a right to re-use such data, but provides for a set of harmonized basic conditions under which the re-use of such data may be allowed. The DGR does not create a right to re-use such data, but provides for a set of harmonized basic conditions under which the re-use of such data may be allowed.

Government

Government Personal data Marketing Artificial Intelligence

Mexico Issues Cookie and Web Beacon Rules and Privacy Notice Requirements

Hunton Privacy

FEBRUARY 12, 2013

The Guidelines introduce heightened notice and opt-out requirements for the use of cookies, web beacons and similar technology, and they impose extensive requirements on the content and delivery of privacy notices generally (with respect to all personal data, not just data collected via cookies and other automated means).

Privacy

Privacy Personal data Data collection Financial Services

Living in a data sovereign world

IBM Big Data Hub

OCTOBER 16, 2023

Many would use data residency and data sovereignty interchangeably, however, there is a difference between the two: data residency deals with the physical location where data resides and involves considerations such as local laws, regulations and infrastructure, while data sovereignty addresses the ownership, control and legal aspects of data.

Cloud

Cloud Compliance Data Privacy Privacy

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

AIIM

JANUARY 10, 2019

One of the most notable blockchain skeptics – David Gerard –argues that if “you were silly enough to put personal data into an append-only ledger which is a proof-of-work blockchain — that’d be flat-out insane.”. Both blockchain and GDPR are designed to “democratize” data by giving more control over its use to individuals.

Blockchain

Blockchain GDPR Privacy Personal data

Information Management Today

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

What (currently ignored) privacy area might result in early enforcement action when the GDPR is in force?

Webinars

Trending Sources

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Webinars

The Impact of Data Protection Laws on Your Records Retention Schedule

(Discussion Recap) A Perfect Storm? Panel Discussion on Handling a Cybersecurity Incident

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

EU: Binding Corporate Rules are Generating Greater Interest

UK Government sets out proposals to shake up UK data protection laws

The Privacy Officers’ New Year’s Resolutions

Security in the finance sector: Whose role is it anyway?

The Economy of Things: the next value lever for telcos

The Privacy Officers’ New Year’s Resolutions

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Ireland & UK: Latest trends in data subject access requests in pending litigation

ICYMI – Late December in privacy and cybersecurity

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Mexico Issues Cookie and Web Beacon Rules and Privacy Notice Requirements

Living in a data sovereign world

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

Stay Connected