HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Data Protection Report

JANUARY 30, 2023

3. Does an insurance policy that covers direct physical loss or damage to media cover the situation where ransomware renders downloaded software useless because it could not be decrypted? Which one is NOT on the list?

Privacy 115

Privacy Cybersecurity Personal data Insurance 115

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. Like an incident response plan, MFA has become a critical element of cybersecurity programs.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Security Affairs

APRIL 20, 2023

If malicious actors accessed the exposed data, the company could have faced devastating consequences and put their clients at risk, as financial services are the main target for cybercriminals. Employees, businesses, and individuals whose data were exposed could be at risk of spear phishing campaigns,” added researchers.

Personal data 96

Personal data Phishing Risk Financial Services 96

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. The information mostly related to court proceedings.

Data Privacy 85

Data Privacy Privacy Security Data breaches 85

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Primary areas of focus for the DPC in 2021 included the safeguarding of children’s data protection rights, progressing ongoing large-scale inquires and prioritising responding to complaints which have raised issues of substance, with a data subject centric approach to resolution. Ongoing Inquiries & Data Transfer Enforcement.

Financial Services 97

Financial Services Data breaches Personal data Compliance 97

Data Protection Report

FEBRUARY 8, 2022

EyeMed engaged a forensic investigator, which was unable to determine whether any exfiltration of personal data had occurred, due in part to a lack of log data. On January 24, 2022, the New York Attorney General (AG) announced a settlement with vision-benefits-provider EyeMed Vision Care, Inc., SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

ARMA International

APRIL 18, 2022

Introduction to Data Protection Laws. Data protection laws, regulations, and rules control the collection, use, transfer, and storage of personal and sensitive information. Personal data protection requirements may be issued by federal, state (provincial), or local governments.

Personal data 100

Personal data GDPR Privacy Records Management 100

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020. NYDFS may be the first regulator to make such an explicit recommendation.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

Data Protection Report

MARCH 7, 2024

Recall that the focus of the Executive Order was not on single transactions, but rather bulk transactions of Americans’ personal data. seems to be approving most transfers of personal data, except where those transfers meet the criteria described in the ANPRM.

Access 59

Access Military Compliance Personal data 59

IT Governance

APRIL 29, 2024

Known data breached Discord (via Spy.pet) Source (New) IT services USA Yes 4,186,879,104 Baidu, Inc., New guidance EDPB publishes information on Data Protection Framework redress mechanism The European Data Protection Board’s Information Note on the redress mechanism for EU/EEA individuals in relation to alleged violations of U.S.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. See CF Disclosure Guidance: Topic No. 2, Cybersecurity (Oct. 14, 2011). 15, 2020).

Cybersecurity 68

Cybersecurity Financial Services Risk Compliance 68

eSecurity Planet

AUGUST 9, 2022

The GDPR provision that may keep IT security teams busiest is Article 32, which requires “a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing” of personal data. GDPR-style data privacy laws came to the U.S.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

Data Matters

SEPTEMBER 24, 2019

The GDPR was designed to harmonize data protection laws across Europe and to protect EU residents’ data privacy rights; and, its coming triggered significant privacy and data protection compliance activities amongst organizations doing business in the EU and working with the personal data of EU residents.

Personal data 68

Personal data GDPR Data Privacy Privacy 68

OpenText Information Management

DECEMBER 4, 2019

Last year, the number of personal records exposed by cyber attacks on the financial services industry was an incredible 446,575,334 – more than triple from the year before. The financial and reputational damage from these data breaches can be immense.

Financial Services 52

Financial Services Data breaches Security Personal data 52

IT Governance

MARCH 11, 2024

Glosbe dictionary exposes almost 7 million records The multilingual online dictionary Glosbe left a MongoDB instance unsecured last year, exposing nearly 7 million users’ information, including personal data, encrypted passwords and social media identifiers. Glosbe did not reply, but the open instance was soon closed.

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

FEBRUARY 21, 2024

In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. Data breached: 2,632,275 people’s data. 204 of them are known to have had data exfiltrated, exposed or otherwise breached.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

erwin

NOVEMBER 14, 2019

In recent years, hard mandates for data governance also have increased. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires organizations in the healthcare space to protect the privacy and security of certain health information. Costs have risen by 12 percent during the last five years.

Government 105

Government Data breaches Metadata GDPR 105

HL Chronicle of Data Protection

MARCH 16, 2020

On Tuesday, 3 March 2020, we welcomed our financial services clients in London to a lively panel event, which covered the multitude of issues which arise in a cybersecurity incident. Peter Marta. Arwen Handley. Philip Parish. Nicola Fulford.

Cybersecurity 59

Cybersecurity Financial Services Risk Insurance 59

The Last Watchdog

FEBRUARY 25, 2019

This was because, as the complexity of business networks continued to intensify, so did the challenges of meeting data handling requirements under the Payment Card Industry Data Security Standard, the Health Insurance Portability and Accountability Act, the Sarbanes-Oxley Act, and the Federal Information Security Management Act.

Access 169

Access Government Authentication Data breaches 169

Hunton Privacy

NOVEMBER 10, 2016

The impetuses for the survey were the many significant changes the GDPR will bring to companies’ management and processing of personal data, their privacy compliance programs and their IT systems and infrastructure. The GDPR replaces Directive 95/46/EC and will become applicable in May 2018.

GDPR 45

GDPR Data Privacy Compliance Privacy 45

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

The French data protection authority (CNIL) has just adopted Single Authorization No. AU-054 (the “AU-054”) on July 13, 2017 in order to cover the processing of personal data implemented in relation to these fraud prevention/detection systems. 311-2 of the Code Monétaire et Financier. .

Personal data 40

Personal data Financial Services Risk Insurance 40

DLA Piper Privacy Matters

AUGUST 23, 2021

Instead the PIPL is a robust data privacy framework designed to safeguard individuals’ personal data against abuse, but at the same time to reflect cultural and business attitudes to data in China, as well as new technologies (including advances in AI, biometrics and data analytics), and to enable flows of personal data.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

eSecurity Planet

JUNE 16, 2022

Crimeware is a type of malware that cyber criminals use to commit identity theft or gain financial information to execute transactions. Other techniques to steal personal data include the use of keyloggers that record all keystrokes and can reveal information. Crimeware and spyware. Other methods.

Ransomware 145

Ransomware Cybersecurity Phishing Encryption 145

Hunton Privacy

JULY 22, 2009

The UK Financial Services Authority (FSA) has announced today fines for three HSBC entities totaling £3 million for failing to have adequate systems and controls in place to protect their customers’ confidential data. The fine is the highest to date in the UK and reflects a 30% discount for cooperating with the FSA.

Security 40

Security Insurance Data breaches Personal data 40

Reltio

AUGUST 16, 2018

The primary objectives of the GDPR are to give control back to their EU citizens and residents over their personal data, to simplify the regulatory environment for international business, and to unify regulations within the European Union.

GDPR 70

GDPR MDM Compliance Personal data 70

CGI

JANUARY 12, 2017

We surveyed 1,670 consumers across eight countries to get their perspectives on 12 digital FinTech services: Protection. Personal finance management (PFM). Personalized digital experience. IoT-based auto insurance pricing. Personalized offers. Mobile payments. Alternative currency. Mobile cash flow manager.

Financial Services 40

Financial Services IoT Risk Insurance 40

erwin

NOVEMBER 14, 2019

In recent years, hard mandates for data governance also have increased. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) requires organizations in the healthcare space to protect the privacy and security of certain health information. Costs have risen by 12 percent during the last five years.

Government 40

Government Data breaches Metadata GDPR 40

ARMA International

AUGUST 2, 2019

with Equifax in connection with a 2017 data breach that exposed sensitive, personal data of around 147 million people. Social Security numbers) and says that such tokenized data was not exposed. On July 22, 2019, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement.

Cloud 41

Cloud Data breaches Encryption Access 41

Reltio

APRIL 25, 2019

If the digital transformation doesn’t have an end date, then is your data platform able to scale infinitely to support your long-term, evolving customer experience? Can it continuously collect and correlate all customer data from internal as well as external, public, and social media?

Customer Experience 75

Customer Experience Digital transformation B2B B2C 75

HL Chronicle of Data Protection

SEPTEMBER 12, 2018

The revised CCPA clarifies that “medical information” subject to the Confidentiality of Medical Information Act (CMIA) and “protected health information” collected by a “covered entity” or “business associate” established pursuant to the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) are exempt from the statute.

Privacy 40

Privacy Compliance GDPR Data breaches 40

Thales Cloud Protection & Licensing

DECEMBER 23, 2019

According to the 2019 Thales Data Threat Report-India Edition , digital transformation is well underway in India, with 41% of Indian respondents saying they are either aggressively disrupting the markets they participate in or embedding digital capabilities that enable greater organizational agility. Complexity is a Barrier to Data Security.

Digital transformation 15

Digital transformation Cloud Encryption Data Privacy 15

Data Matters

JANUARY 2, 2018

The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Europe’s omnibus new framework for data protection law applies to (almost) all entities that collect and process EU personal data regardless of where the data are processed.

Cybersecurity 68

Cybersecurity Privacy Data breaches GDPR 68

John Battelle's Searchblog

OCTOBER 31, 2018

And the ecosystem that develops around data tokens will offer it. Thanks to her Walmart experience, Michelle has become aware of the power of personal data. Transportation Services. Real Estate Services (Commercial). Location Services . Financial Services. She needs a new question machine.

Marketing 53

Marketing Retail Blockchain Mining 53