Exercises, Government and Insurance - Information Management Today

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. Create, Maintain, and Exercise a Cyber Incident Response, Resilience, and Continuity of Operations Plan.

Cybersecurity

Cybersecurity Financial Services Authentication Government

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

Additional bills, amending the California Confidentiality of Medical Information Act (“CMIA”) and the California Insurance Code, also were also signed into law. AB-825 : This bill amends California’s (1) data breach notification law (for both government agencies (Cal. This bill becomes effective January 1, 2022.

Privacy

Privacy Insurance Security Data breaches

Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

JANUARY 25, 2019

My current work is split between two projects: One has to do with data governance, the other political media. And second… Governance. Government – well for sure, I’d wager that’s increased given who’s been running the country these past two years. But Governance? Data Governance. We’ll start with Governance.

Government

Government IT Marketing ROT

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

Hunton Privacy

SEPTEMBER 1, 2020

Not disclosing, subject to specified exceptions, a consumer’s genetic data to certain entities ( e.g. , those responsible for making decisions regarding health insurance, life insurance or employment). Violations of the Act are subject to civil penalties. Department of Health and Human Services pursuant to HIPAA and the HITECH Act.

Privacy

Privacy Insurance Marketing Information governance

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

Adam Levin

MARCH 18, 2020

While the transition to remote appointments may help flatten the curve of Covid-19 cases and provide much-needed relief to medical professionals, it does create a new set of cybersecurity concerns, especially regarding compliance with the Health Insurance Portability and Accountability Act (HIPAA ).

Communications

Communications Insurance Compliance Cybersecurity

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

Article 28 lays out the obligation requirements that govern the relationship between data controllers and processors. They also assist in mitigating risks, particularly identification of appropriate cyber insurance protection and indemnification clauses in the event of a breach. Want more information?

GDPR

GDPR Compliance Privacy Data Privacy

What Every CIO Needs to Know About DORA: An IT Operations Perspective

OpenText Information Management

JANUARY 24, 2025

This regulation covers a wide range of aspects related to digital operational resilience, including: ICT risk management: DORA mandates a comprehensive ICT risk management framework encompassing strategies, policies, procedures, and governance structures to ensure continuous risk monitoring and mitigation.

IT

IT Compliance Risk Cloud

New York hospitals have new cybersecurity requirements

Data Protection Report

OCTOBER 23, 2024

The regulation includes elements of both the Health Insurance Portability and Accountability Act (HIPAA) and the New York Department of Financial Services (NYDFS) cybersecurity regulation. The regulation also requires that the hospital’s cybersecurity policies address data governance and classification.

Cybersecurity

Cybersecurity Risk Access Financial Services

Regulatory Update: NAIC Fall 2018 National Meeting

Data Matters

DECEMBER 11, 2018

The National Association of Insurance Commissioners (NAIC) held its Fall 2018 National Meeting (Fall Meeting) in San Francisco, California, from November 15 to 18, 2018. NAIC Continues its Evaluation of Insurers’ Use of Big Data. systemic risk of insurers with other parts of the financial system, notably the banking.

Insurance

Insurance Paper Risk Big data

Regulatory Update: NAIC Spring 2019 National Meeting

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. ceding insurer could be eligible for the same reduced collateral requirements that would apply to qualifying EU reinsurers under the revised CFR Model Laws.

Insurance

Insurance Blockchain Big data Risk

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

New York Governor proposes cyber security regulations for hospitals New York Governor Kathy Hochul has proposed new cyber security regulations for all hospitals operating in the state, which are expected to complement the security requirements of HIPAA (the Health Insurance Portability and Accountability Act).

Data Privacy

Data Privacy Privacy Manufacturing Security

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors.

GDPR

GDPR Personal data Data collection Marketing

The CrowdStrike Outage and Market-Driven Brittleness

Schneier on Security

JULY 25, 2024

Insurance blunts financial losses.) The ability to outsource software services became easy a little over a decade ago, due to ubiquitous global network connectivity, cloud and software-as-a-service business models, and an increase in industry- and government-led certifications and box-checking exercises.

Marketing

Marketing Access Insurance Risk

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. NAIC Considers Comments to the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act . GCC Template and Instructions.

Insurance

Insurance Paper Artificial Intelligence Big data

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

Notably, those include: “government data”, which is undefined; “government entities that control or process personal data”; “personal health data where applicable legislation regulates the protection and processing of such data”. Conduct a data mapping exercise. The PDPL therefore has extraterritorial application. Exceptions.

Personal data

Personal data Data breaches GDPR Compliance

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy

Data Privacy Privacy Insurance Security

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

Publicly available” is narrowly defined in AB 375 to mean essentially only records of federal, state or local government that is used in a manner compatible with the purpose for which the records are maintained. Businesses cannot discriminate against consumers who exercise any of their rights under AB 375.

GDPR

GDPR Privacy Sales Data breaches

Cybersecurity Management Lessons from Healthcare Woes

eSecurity Planet

MAY 30, 2024

Table top exercises: Talk through potential disasters and steps in advance so teams can identify points of failures and address them; where possible, execute recovery drills to gain experience with procedures and verify that disaster recovery plans actually work.

Cybersecurity

Cybersecurity Ransomware Data breaches Risk

UK Parliament Calls for Prison Sentences for Data Theft

Hunton Privacy

OCTOBER 31, 2011

The Committee stated in its October 18, 2011 report that the current penalties for unlawfully obtaining personal data (under Section 55 of the DPA) are an inadequate deterrent, and urged the government to exercise its power to introduce prison sentences without delay.

Personal data

Personal data Insurance Data breaches Government

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data

Personal data GDPR Privacy Records Management

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

Some of these steps include: Conduct a data mapping exercise. The data mapping exercise will provide an organisation with a snapshot of how its data is collected and managed. After conducting the data mapping exercise, the information will need to be systematised into a format that can be readily accessed by the organisation.

Personal data

Personal data Compliance Computer and Electronics IoT

U.S. Banking Agencies Signal Closer Review of Cryptocurrency Activities

Data Matters

DECEMBER 1, 2021

Concurrently, the OCC , the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (the Agencies) released a joint statement alerting the industry of their intent to provide additional guidance in the coming months concerning certain activities related to cryptoassets conducted by banking organizations.

Compliance

Compliance Risk Insurance Sales

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

Publicly available” is narrowly defined in AB 375 to mean essentially only records of federal, state or local government that is used in a manner compatible with the purpose for which the records are maintained. Businesses cannot discriminate against consumers who exercise any of their rights under AB 375.

GDPR

GDPR Privacy Sales Data breaches

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

The law does not apply to Malaysia’s federal government or to its state governments. At present, these include data users in the communications, banking and finance, insurance, health care, tourism and hospitality, transportation, education, direct sales, services, real estate and utilities sectors.

Personal data

Personal data Marketing Communications Insurance

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

Data Matters

MARCH 9, 2021

With the Assessment, the Commission sought to examine and analyse the Member States’ rules that govern the processing of health data. patients) to exercise their data protection rights largely result from the absence of standardised electronic health records and the low level of awareness among patients of their data protection rights.

GDPR

GDPR e-Delivery Government Access

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

Previous drafts of the AG’s proposed regulations tempered the impact of potential automated privacy controls by requiring consumers to exercise their opt-out rights each time they wanted to direct a business not to sell their personal information. The March proposed regulations now allow future global privacy controls (e.g.,

Privacy

Privacy Sales Insurance Compliance

How to improve your cyber resilience

IT Governance

FEBRUARY 15, 2019

For example, you might consider appointing a DPO (data protection officer) even if you aren’t required to under the GDPR, because they will lead your training exercises, advise staff on data processing activities and act as a contact for the supervisory authority in the event of a security incident or investigation.

Risk

Risk GDPR Communications Insurance

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Troy Hunt

MARCH 2, 2020

These were companies spanning all sorts of different industries; big tech, general infosec, antivirus, hosting, finance, e-commerce, cyber insurance - I could go on. They didn't know who I was, had likely never heard of Have I Been Pwned before this exercise and if I was to take a guess, wouldn't have even known how to pronounce it.

IT

IT Mining Data breaches Sales

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

DLA Piper Privacy Matters

APRIL 23, 2020

These are defined as “decisions that result in the provision or denial of financial and lending services, housing, insurance, education enrollment, criminal justice, employment opportunities, health care services, or access to basic necessities such as food and water, or that impact civil rights of individuals.”

Privacy

Privacy Government Insurance IT

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Governance, risk, and compliance (GRC) management: Aligns security goals with business goals and regulatory requirements that apply to the data or the organization. Additional security layers implement effective controls and assure data confidentiality by adding additional insurance against breaches, zero day vulnerabilities, or tool failure.

Security

Security Cloud Cybersecurity Access

#ModernDataMasters: Mike Evans, Chief Technology Officer

Reltio

MARCH 19, 2019

It will be possible to put more emphasis on the people, process and data governance which really make MDM live and breathe.”. We teach that problem solving is at the core of MDM, and how important data governance principles are regardless of the configuration of the underpinning technology.”. Prioritise people, process and governance.

MDM

MDM Retail IT Government

Private cloud use cases: 6 ways private cloud brings value to enterprise business

IBM Big Data Hub

MARCH 28, 2024

As cloud computing continues to transform the enterprise workplace, private cloud infrastructure is evolving in lockstep, helping organizations in industries like healthcare, government and finance customize control over their data to meet compliance, privacy, security and other business needs. billion by 2033, up from USD 92.64

Cloud

Cloud Energy and Utilities Compliance Privacy

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

The CCPA governs how businesses treat “consumer” “personal information.” This page will enable consumers to exercise the right to opt-out of the sale of their personal information. Businesses will be prohibited from discriminating against any consumer for exercising their rights under the new law. What Is Covered?

Privacy

Privacy Sales Compliance Government

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

These are (i) government entities; (ii) entities subject to the Gramm-Leach-Bliley Act; (iii) entities subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and Health Information Technology for Economic and Clinical Health Act; (iv) nonprofits; and (v) institutions of higher education. Entity exemptions.

Personal data

Personal data GDPR Privacy Sales

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

Data Matters

OCTOBER 24, 2019

The regulations lay out a number of general principles to govern verification responsibilities. checking the parent or guardian’s government-issued ID against databases that would facilitate verification. free vs. paid streaming), to quantify the value of consumers’ information and disclose the value and methods used to calculate it.

Privacy

Privacy Sales Passwords Authentication

Join Our Webinar on November 16th: IGI & Preservica Address the Governance of Long-Term Digital Information

IGI

NOVEMBER 10, 2017

Please join the IGI and Preservica on November 16th at 11am ET for a webinar addressing The Governance & Preservation of Long-Term Digital Information. Barclay Blair, Founder and Executive Director, Information Governance Initiative (IGI). CLICK HERE TO REGISTER. Lori Ashley, Industry Market Development Manager, Preservica.

Digital preservation

Digital preservation Government Digital transformation Access

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

The CCPA governs how businesses treat “consumer” “personal information.” This page will enable consumers to exercise the right to opt-out of the sale of their personal information. Businesses will be prohibited from discriminating against any consumer for exercising their rights under the new law. What Is Covered?

Privacy

Privacy Education Sales Government

Catching up, again, part 4

InfoGovNuggets

JANUARY 4, 2019

Is that Governance, or Compliance? Two aspects here, first dealing with the use of a number derived from supposedly unbiased people to govern “your” deal, and, second, the cost of non-compliance, even if long-delayed. Is that Information or Governance? Sure, this is Governance, but is art also Information?

Compliance

Compliance Government Insurance Paper

FRANCE: New data protection law declared constitutional and ready for promulgation

DLA Piper Privacy Matters

JUNE 14, 2018

First, the validity of the overall law was tested against the objective of constitutional value of legislative accessibility and intelligibility, as Senators argued its articulation with the provisions of the GDPR is unclear and likely to “ seriously mislead ” citizens about their rights and obligations in terms of data protection.

GDPR

GDPR Personal data Insurance Government

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

Data Matters

OCTOBER 23, 2019

The regulations flatly prohibit businesses from disclosing a consumer’s social security number, driver’s license number or government issued ID number, financial account number, health insurance or medical identification number, account password, or security questions and answers in response to right to know requests.

Sales

Sales Privacy Passwords Compliance

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

OCTOBER 22, 2019

The regulations require businesses to explain that they may not discriminate against consumers who exercise their CCPA rights. Of particular note, the regulations clarify that businesses generally do not have to provide notice “at or before the point of collection” if they are not collecting information directly from the consumer.

Privacy

Privacy Sales Paper Compliance

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Webinars

Trending Sources

Our Data Governance Is Broken. Let’s Reinvent It.

Webinars

California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

Telehealth Hazard? HHS Loosens HIPAA Standards for Telemedicine

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

What Every CIO Needs to Know About DORA: An IT Operations Perspective

New York hospitals have new cybersecurity requirements

Regulatory Update: NAIC Fall 2018 National Meeting

Regulatory Update: NAIC Spring 2019 National Meeting

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

The CrowdStrike Outage and Market-Driven Brittleness

Regulatory Update: NAIC Summer 2020 National Meeting

UAE: Federal level data protection law enacted

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

California Enacts Broad Privacy Laws Modeled on GDPR

Cybersecurity Management Lessons from Healthcare Woes

UK Parliament Calls for Prison Sentences for Data Theft

The Impact of Data Protection Laws on Your Records Retention Schedule

Saudi Arabia’s New Data Protection Law – What you need to know

U.S. Banking Agencies Signal Closer Review of Cryptocurrency Activities

California Enacts Broad Privacy Protections Modeled on GDPR

Malaysian Data Protection Law Takes Effect

European Commission Releases Assessment of the EU Member States’ Rules on Health Data in Light of GDPR

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

How to improve your cyber resilience

Project Svalbard, Have I Been Pwned and its Ongoing Independence

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

Network Security Architecture: Best Practices & Tools

#ModernDataMasters: Mike Evans, Chief Technology Officer

Private cloud use cases: 6 ways private cloud brings value to enterprise business

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

Join Our Webinar on November 16th: IGI & Preservica Address the Governance of Long-Term Digital Information

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Catching up, again, part 4

FRANCE: New data protection law declared constitutional and ready for promulgation

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Stay Connected