On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the “DFS Regulation”) took effect, requiring subject financial institutions, including insurance companies, (“Covered Entities”) to among other things adopt written information security programs to address the protection of nonpublic information and information systems.Read More
Topic: Privacy/Data Security/Cyber Risk
As an early stage or startup InsurTech, you’re highly focused on all the right things: identifying a challenge for the insurance industry, developing an innovative technical solution, making it practical and scalable, getting it funded, and implementing it. The industry for which InsurTech seeks to develop and deliver solutions is awash, however, in requirements and restrictions related to the collection, use, sharing, and protection of data.Read More
Ted Augustinos, a member of the steering committee of Locke Lord’s Privacy and Cybersecurity Practice Group, authored an article detailing the stifling effect of privacy and cybersecurity regulations on innovative data usage at insurance companies.Read More
FTC Proposes Amendments to Safeguards Rule to Track NY DFS Cybersecurity Regulation (and amendments to its Privacy Rule)
As we’ve been predicting, including here, the Cybersecurity Regulation adopted by the NY DFS for insurance, banking and other financial services continues to drive the conversation in the U.S. The latest manifestation is the FTC proposal, announced March 5, 2019, to amend it Safeguards Rule adopted pursuant to the Gramm-Leach-Bliley Act of 1999 (GLBA) to require financial institutions to adopt certain safeguards to protect the nonpublic personal information of consumers.Read More
Locke Lord’s Privacy & Cybersecurity Newsletter provides topical snapshots of recent developments in the fast-changing world of privacy, data protection, and cyber risk management. For further information on any of the subjects covered in the newsletter, please contact one of the members of our privacy and cybersecurity team.Read More
The New York Department of Financial Services Cybersecurity Regulations, 23 NYCRR part 500 (the “Cybersecurity Regulations”), require companies subject to the regulations to update their record retention schedule for particular documents mandated by the Cybersecurity Regulations.Read More
Locke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please contact one of the members of our Insurance team.Read More
California Amends Consumer Data Privacy Act, but Leaves Material Provisions Unchanged and Questions Unanswered
Update: the Governor of California, signed Senate Bill 1121 on September 23, 2018, ratifying the amendments described below.
On August 31, 2018, the California State Legislature passed Senate Bill 1121, amending the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA, which contains the broadest consumer data privacy protections in the country, was hastily passed in June to forestall an advocacy group from putting a more restrictive bill before voters in a November referendum.
In This Issue:
Follow the Leader: NYDFS Cybersecurity Regulation Leads the Way for Other States and IndustriesRead More