Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. Unlawful Discrimination.

Insurance 68

Insurance Financial Services Compliance Retail 68

Krebs on Security

NOVEMBER 19, 2021

In reality, the fraudster initiates a transaction — such as the “forgot password” feature on the financial institution’s site — which is what generates the authentication passcode delivered to the member.

IT 363

IT Passwords Authentication Phishing 363

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services 83

Financial Services Cloud Cybersecurity Encryption 83

Hunton Privacy

DECEMBER 4, 2023

On November 28, 2023, the New York Department of Financial Services (“NYDFS”) announced that First American Title Insurance Company (“First American”), the second-largest title insurance company in the United States, would pay a $1 million penalty for violations of the NYDFS Cybersecurity Regulation in connection with a 2019 data breach.

Financial Services 64

Financial Services Insurance Data breaches Cybersecurity 64

Data Protection Report

JANUARY 30, 2023

Late December and early January tend to be a busy time for everyone, so you may have missed a privacy update or two during that time. 3. Does an insurance policy that covers direct physical loss or damage to media cover the situation where ransomware renders downloaded software useless because it could not be decrypted?

Privacy 115

Privacy Cybersecurity Personal data Insurance 115

IBM Big Data Hub

JANUARY 16, 2024

The start of 2024 brings forth many questions as to what we can expect in the year ahead, especially in the financial services industry, where technological advances have skyrocketed and added complexities to an already turbulent landscape. One example of this is in insurance.

Financial Services 48

Financial Services Customer Experience Cloud Digital transformation 48

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018.

Financial Services 58

Financial Services Cybersecurity Compliance Insurance 58

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

The Last Watchdog

APRIL 3, 2019

Its customer base is comprised of eight of the top 15 banks, four of the top six healthcare insurance and managed care providers, nine of the top 15 property and casualty insurance providers, five of the top 13 pharmaceutical companies, and 11 of the largest 15 federal agencies.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. Like an incident response plan, MFA has become a critical element of cybersecurity programs. The post U.S.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Cybersecurity 147

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

eSecurity Planet

SEPTEMBER 21, 2024

These laws aim to establish standards for securing data, ensuring privacy, and mitigating risks associated with digital information. It also provides legal protections for entities that share information, reducing concerns about liability and privacy violations.

Cybersecurity 117

Cybersecurity Computer and Electronics Compliance Privacy 117

AIIM

OCTOBER 15, 2018

In North America, e-signatures are based on multiple authentication aspects with a focus on knowledge-based authentication which cannot be applied in EU due to much stricter privacy regulations. Allianz – a global financial services and insurance company – is one of those organizations which had to rethink their approach on e-signatures.

Compliance 112

Compliance Insurance Digital transformation Authentication 112

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

Data Matters

MARCH 12, 2019

Over the last few years, States have enacted increasingly aggressive legislation concerning data privacy and security, raising concerns that companies will be subject to a patchwork of different standards. The post FTC Seeks Comment on Proposed Changes to its GLBA Safeguards and Privacy Rules appeared first on Data Matters Privacy Blog.

Privacy 68

Privacy IT Information Security Insurance 68

Reltio

JUNE 9, 2022

The insurance industry is facing unprecedented disruption. Insurance carriers have been called to transform customer experience, business offerings, and operations. As an insurer, your current business models are being challenged by new thinking, new competitors, and new ways of working.

Digital transformation 52

Digital transformation Insurance Customer Experience MDM 52

erwin

APRIL 11, 2019

Some suggest the California Consumer Privacy Act (CCPA), which takes effect January 1, 2020, sets a precedent other states will follow by empowering consumers to set limits on how companies can use their personal information. California recently passed a law that gives residents the right to control the data companies collect about them.

GDPR 100

GDPR Compliance e-Discovery Metadata 100

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Records breached: 79,582 Ontario hospitals update: information relating to 5.6

Data Privacy 67

Data Privacy Privacy Security Data breaches 67

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR.

Privacy 68

Privacy Cybersecurity Data breaches GDPR 68

Reltio

OCTOBER 24, 2018

privacy law , similar to GDPR (General Data Protection Regulation), is appropriate and timely. But today modern data management solutions that include technologies like machine learning empower organizations to implement data governance and privacy initiatives at scale, and are an essential part of their overall Customer 360 data strategy.

Data Privacy 74

Data Privacy Privacy GDPR Compliance 74

Data Protection Report

FEBRUARY 8, 2022

EyeMed’s privacy policy stated that the company would “follow generally accepted industry standards to protect the personal information submitted to us, and to guard that information against loss, misuse or alteration. In total, information for approximately 2.1 SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

Data Matters

JUNE 12, 2020

The ANPR also focuses on critical new technologies such as distributed ledgers and artificial intelligence, asking, for example: “What types of activities related to cryptocurrencies or cryptoassets are financial services companies or bank customers engaged? Comments are due by August 3, 2020. Comments are due by August 3, 2020.

Artificial Intelligence 68

Artificial Intelligence Blockchain Financial Services Computer and Electronics 68

Hunton Privacy

NOVEMBER 26, 2018

The majority of data breach notifications came from the following sectors: (i) health care, (ii) insurance, (iii) public institutions and defense, (iv) telecommunications and postal services, and (v) financial services. Since the GDPR took force, 317 data breaches were reported to the Belgian DPA.

GDPR 72

GDPR Data breaches Financial Services Insurance 72

The Last Watchdog

AUGUST 22, 2019

While the benefits of DX are highly-touted , this shift has also spawned a whole new tier of unprecedented privacy and security challenges. Consider that it was a misconfigured open-source Web Application Firewall , running on Amazon Web Services, that gave a former Amazon IT staffer a path to crack into this financial services giant.

Digital transformation 147

Digital transformation Compliance Risk Security 147

Adam Levin

SEPTEMBER 5, 2019

So, we can call this a Facebook privacy facepalm legacy attack. It’s a sad state of Facebook privacy news fatigue that the urge is so strong to create privacy fail sub-categories—but there you have it. The information is at least a year old, which was when Facebook stopped allowing developers to have user phone numbers.

Mining 79

Mining Authentication Financial Services Privacy 79

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

The Last Watchdog

FEBRUARY 25, 2019

This was because, as the complexity of business networks continued to intensify, so did the challenges of meeting data handling requirements under the Payment Card Industry Data Security Standard, the Health Insurance Portability and Accountability Act, the Sarbanes-Oxley Act, and the Federal Information Security Management Act.

Access 169

Access Government Authentication Data breaches 169

DLA Piper Privacy Matters

NOVEMBER 26, 2018

The top five industry sectors notifying data breaches are: 1) health care, 2) insurance, 3) public administrations and defense, 4) telecoms and 5) financial services. The other released figures are also remarkable. In six months only, the DPA received: 3599 information requests (compared to 2145 information requests in 2017).

GDPR 83

GDPR Data breaches Financial Services Insurance 83

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity 72

Cybersecurity Compliance IT Financial Services 72

Reltio

FEBRUARY 23, 2023

Health insurance companies need an accurate view of providers to enable better patient experience, such as a best-in-class physician finder. Under these models, providers and insurance companies have incentives to save money and improve patient outcomes. Providers need to adopt value-based care to get money from insurance companies.

MDM 98

MDM Sales Insurance Marketing 98

Data Protection Report

NOVEMBER 16, 2022

2022 has been a record year for Illinois Biometric Information Privacy Act (“BIPA”) litigation. Since its enactment in 2008, BIPA has been one of the most litigated privacy-related laws with some of the highest penalties. However, it wasn’t until last month that the first BIPA jury verdict was ever rendered. Who is covered by BIPA?

Financial Services 98

Financial Services Privacy Compliance Insurance 98

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Most incidents reported originate from the private sector ( 3,667 ), with 2,707 incidents reported from public sector organisations in Ireland such as public sector bodies, banks, insurance and telecom companies. Financial Services Sector Focus. In November, the DPC launched the revised Breach Notification Webform.

Financial Services 97

Financial Services Data breaches Personal data Compliance 97

Data Matters

DECEMBER 28, 2020

The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. NAIC Adopts the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act. Insurance groups will be exempt from filing a GCC if. groups to non-U.S.

Insurance 68

Insurance Paper Risk Analytics 68

Adam Levin

NOVEMBER 30, 2018

Regis, Westin, Sheraton, W Hotels or anywhere else that operates on Marriot’s Starwood guest reservation database, it’s time to redouble your cybersecurity and privacy efforts, because this compromise is one of biggest we’ve seen—dwarfed only by the Yahoo breach that affected 2 billion users. If you’ve made reservations at the St.

Financial Services 66

Financial Services Encryption Passwords Communications 66