Data Matters

FEBRUARY 20, 2019

On January 18, 2019, the New York State Department of Financial Services (NYDFS) issued Circular Letter 2019-1 (the Circular Letter), addressing insurers’ use of external consumer data and information sources in underwriting for life insurance. Unlawful Discrimination.

Insurance 68

Insurance Financial Services Compliance Retail 68

Krebs on Security

NOVEMBER 19, 2021

In reality, the fraudster initiates a transaction — such as the “forgot password” feature on the financial institution’s site — which is what generates the authentication passcode delivered to the member.

IT 362

IT Passwords Authentication Phishing 362

Hunton Privacy

DECEMBER 4, 2023

On November 28, 2023, the New York Department of Financial Services (“NYDFS”) announced that First American Title Insurance Company (“First American”), the second-largest title insurance company in the United States, would pay a $1 million penalty for violations of the NYDFS Cybersecurity Regulation in connection with a 2019 data breach.

Financial Services 64

Financial Services Data breaches Insurance Cybersecurity 64

Data Protection Report

JANUARY 30, 2023

Late December and early January tend to be a busy time for everyone, so you may have missed a privacy update or two during that time. 3. Does an insurance policy that covers direct physical loss or damage to media cover the situation where ransomware renders downloaded software useless because it could not be decrypted?

Privacy 115

Privacy Cybersecurity Personal data Insurance 115

Thales Cloud Protection & Licensing

JANUARY 16, 2025

However, as important as PCI may be, United States financial services organizations operate in one of the worlds most stringent and complex compliance landscapes. Understanding the US FinServ Compliance Landscape The US financial services industry is subject to a vast number of laws and regulations.

Compliance 62

Compliance Financial Services Encryption Insurance 62

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services 83

Financial Services Cloud Cybersecurity Encryption 83

IBM Big Data Hub

JANUARY 16, 2024

The start of 2024 brings forth many questions as to what we can expect in the year ahead, especially in the financial services industry, where technological advances have skyrocketed and added complexities to an already turbulent landscape. One example of this is in insurance.

Financial Services 48

Financial Services Customer Experience Cloud Digital transformation 48

Hunton Privacy

JANUARY 24, 2018

On January 22, 2018, the New York Department of Financial Services (“NYDFS”) issued a press release reminding entities covered by its cybersecurity regulation that the first certification of compliance with the regulation is due on or prior to February 15, 2018.

Financial Services 58

Financial Services Cybersecurity Compliance Insurance 58

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

IT Governance

DECEMBER 11, 2023

Source (New) Transport USA Yes 129,611 Tcman Source (New) Manufacturing Spain Yes 108 GB (179 files) Compass Group Italia Source (New) Hospitality Italy Yes 107 GB Pan-American Life Insurance Group, Inc. Incorporated Source (Update) Insurance USA Yes 7,361 Advantis Global, Inc. and Robert W. Baird & Co.

Data Privacy 97

Data Privacy Energy and Utilities Privacy Manufacturing 97

The Last Watchdog

APRIL 3, 2019

Its customer base is comprised of eight of the top 15 banks, four of the top six healthcare insurance and managed care providers, nine of the top 15 property and casualty insurance providers, five of the top 13 pharmaceutical companies, and 11 of the largest 15 federal agencies.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. Like an incident response plan, MFA has become a critical element of cybersecurity programs. The post U.S.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk 147

Risk Financial Services Insurance Data breaches 147

Data Matters

MARCH 28, 2022

Department of Health and Human Service’s Office for Civil Rights (“OCR”) issued industry guidance for Health Insurance Portability and Accountability Act (“HIPAA”) regulated entities to take preventative steps to protect against some of the more common, and often successful, cyber-attack techniques. On March 17, 2022, the U.S.

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

eSecurity Planet

SEPTEMBER 21, 2024

These laws aim to establish standards for securing data, ensuring privacy, and mitigating risks associated with digital information. It also provides legal protections for entities that share information, reducing concerns about liability and privacy violations.

Cybersecurity 121

Cybersecurity Computer and Electronics Compliance Privacy 121

AIIM

OCTOBER 15, 2018

In North America, e-signatures are based on multiple authentication aspects with a focus on knowledge-based authentication which cannot be applied in EU due to much stricter privacy regulations. Allianz – a global financial services and insurance company – is one of those organizations which had to rethink their approach on e-signatures.

Compliance 116

Compliance Insurance Digital transformation Authentication 116

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

Data Matters

MARCH 12, 2019

Over the last few years, States have enacted increasingly aggressive legislation concerning data privacy and security, raising concerns that companies will be subject to a patchwork of different standards. The post FTC Seeks Comment on Proposed Changes to its GLBA Safeguards and Privacy Rules appeared first on Data Matters Privacy Blog.

Privacy 68

Privacy IT Information Security Insurance 68

IT Governance

NOVEMBER 13, 2023

On 14 September, Mulkay discovered that the compromised files contained personal information, including “name, address, date of birth, Social Security number, driver’s license number or state ID, medical treatment information, and health insurance information”. Records breached: 79,582 Ontario hospitals update: information relating to 5.6

Data Privacy 74

Data Privacy Privacy Security Data breaches 74

Reltio

JUNE 9, 2022

The insurance industry is facing unprecedented disruption. Insurance carriers have been called to transform customer experience, business offerings, and operations. As an insurer, your current business models are being challenged by new thinking, new competitors, and new ways of working.

Digital transformation 52

Digital transformation Insurance Customer Experience MDM 52

erwin

APRIL 11, 2019

Some suggest the California Consumer Privacy Act (CCPA), which takes effect January 1, 2020, sets a precedent other states will follow by empowering consumers to set limits on how companies can use their personal information. California recently passed a law that gives residents the right to control the data companies collect about them.

GDPR 100

GDPR Compliance e-Discovery Metadata 100

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR.

Privacy 68

Privacy Cybersecurity Data breaches GDPR 68

Reltio

OCTOBER 24, 2018

privacy law , similar to GDPR (General Data Protection Regulation), is appropriate and timely. But today modern data management solutions that include technologies like machine learning empower organizations to implement data governance and privacy initiatives at scale, and are an essential part of their overall Customer 360 data strategy.

Data Privacy 74

Data Privacy Privacy GDPR Compliance 74

Data Protection Report

FEBRUARY 8, 2022

EyeMed’s privacy policy stated that the company would “follow generally accepted industry standards to protect the personal information submitted to us, and to guard that information against loss, misuse or alteration. In total, information for approximately 2.1 SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

Data Matters

JUNE 12, 2020

The ANPR also focuses on critical new technologies such as distributed ledgers and artificial intelligence, asking, for example: “What types of activities related to cryptocurrencies or cryptoassets are financial services companies or bank customers engaged? Comments are due by August 3, 2020. Comments are due by August 3, 2020.

Artificial Intelligence 68

Artificial Intelligence Blockchain Financial Services Computer and Electronics 68

IT Governance

MARCH 11, 2024

Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. Subscribe now The post The Week in Cyber Security and Data Privacy: 4 – 10 March 2024 appeared first on IT Governance UK Blog. The consultation closes on 17 April. of the Standard.

Data Privacy 78

Data Privacy Privacy Security Data breaches 78

Hunton Privacy

NOVEMBER 26, 2018

The majority of data breach notifications came from the following sectors: (i) health care, (ii) insurance, (iii) public institutions and defense, (iv) telecommunications and postal services, and (v) financial services. Since the GDPR took force, 317 data breaches were reported to the Belgian DPA.

GDPR 72

GDPR Data breaches Financial Services Insurance 72

The Last Watchdog

AUGUST 22, 2019

While the benefits of DX are highly-touted , this shift has also spawned a whole new tier of unprecedented privacy and security challenges. Consider that it was a misconfigured open-source Web Application Firewall , running on Amazon Web Services, that gave a former Amazon IT staffer a path to crack into this financial services giant.

Digital transformation 147

Digital transformation Compliance Risk Security 147

IBM Big Data Hub

MARCH 20, 2024

For highly regulated industries, these challenges take on an entirely new level of expectation as they navigate evolving regulatory landscape and manage requirements for privacy, resiliency, cybersecurity, data sovereignty and more. Read to learn more about cloud adoption within financial services?

Cloud 72

Cloud Financial Services Risk Business Services 72

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Adam Levin

SEPTEMBER 5, 2019

So, we can call this a Facebook privacy facepalm legacy attack. It’s a sad state of Facebook privacy news fatigue that the urge is so strong to create privacy fail sub-categories—but there you have it. The information is at least a year old, which was when Facebook stopped allowing developers to have user phone numbers.

Mining 79

Mining Authentication Financial Services Privacy 79

DLA Piper Privacy Matters

NOVEMBER 26, 2018

The top five industry sectors notifying data breaches are: 1) health care, 2) insurance, 3) public administrations and defense, 4) telecoms and 5) financial services. The other released figures are also remarkable. In six months only, the DPA received: 3599 information requests (compared to 2145 information requests in 2017).

GDPR 83

GDPR Data breaches Financial Services Insurance 83

The Last Watchdog

FEBRUARY 25, 2019

This was because, as the complexity of business networks continued to intensify, so did the challenges of meeting data handling requirements under the Payment Card Industry Data Security Standard, the Health Insurance Portability and Accountability Act, the Sarbanes-Oxley Act, and the Federal Information Security Management Act.

Access 169

Access Government Authentication Data breaches 169

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity 72

Cybersecurity Compliance IT Financial Services 72

ARMA International

APRIL 18, 2022

Certain sectors, such as banking, financial services, health, and insurance have their own data protection and privacy requirements. 4 Consumer Protection Privacy Act. 5 California Privacy Rights Act (CPRA). 6 Colorado Privacy Act. 10 California Privacy Rights Act (CPRA). Conclusion.

Personal data 116

Personal data GDPR Privacy Records Management 116