Privacy/Data Security/Cyber Risk

Subscribe to Privacy/Data Security/Cyber Risk via RSS

Ted Augustinos, a member of the steering committee of Locke Lord’s Privacy and Cybersecurity Practice Group, authored an article detailing the stifling effect of privacy and cybersecurity regulations on innovative data usage at insurance companies.
Read More Locke Lord Privacy Lawyer Authors Article in Best’s Review on Regulations Impacting InsurTechs

As we’ve been predicting, including here, the Cybersecurity Regulation adopted by the NY DFS for insurance, banking and other financial services continues to drive the conversation in the U.S.  The latest manifestation is the FTC proposal, announced March 5, 2019, to amend it Safeguards Rule adopted pursuant to the Gramm-Leach-Bliley Act of 1999 (GLBA) to require financial institutions to adopt certain safeguards to protect the nonpublic personal information of consumers.
Read More FTC Proposes Amendments to Safeguards Rule to Track NY DFS Cybersecurity Regulation (and amendments to its Privacy Rule)

Locke Lord’s Privacy & Cybersecurity Newsletter provides topical snapshots of recent developments in the fast-changing world of privacy, data protection, and cyber risk management. For further information on any of the subjects covered in the newsletter, please contact one of the members of our privacy and cybersecurity team.
Read More Privacy & Cybersecurity Newsletter – January 2019

On November 23, the European Data Protection Board released guidelines for public comment (the “Guidelines”) on the territorial scope of the General Data Protection Regulation (“GDPR”).  Specifically, the Guidelines address the applicability of GDPR Articles 3 and 27.

Article 3(1) – Establishment Criteria

GDPR Article 3(1) states that the GDPR
Read More European Data Protection Board Releases Guidelines on the Territorial Scope of the GDPR

The New York Department of Financial Services Cybersecurity Regulations, 23 NYCRR part 500 (the “Cybersecurity Regulations”), require companies subject to the regulations to update their record retention schedule for particular documents mandated by the Cybersecurity Regulations.  In particular, covered entities must have policies and procedures in place for the
Read More Document Retention Aspects of New York Cybersecurity Regulations

Locke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please contact one of the members of our Insurance team.

In This Issue:


Read More Insurance and Reinsurance Newsletter – September 2018

Update: the Governor of California, signed Senate Bill 1121 on September 23, 2018, ratifying the amendments described below.

On August 31, 2018, the California State Legislature passed Senate Bill 1121, amending the California Consumer Privacy Act of 2018 (“CCPA”).  The CCPA, which contains the broadest consumer data privacy protections
Read More California Amends Consumer Data Privacy Act, but Leaves Material Provisions Unchanged and Questions Unanswered

In This Issue:


Read More Privacy & Cybersecurity Newsletter – August 2018

As reported here, the NAIC adopted a model law for the protection of the data and systems used by the insurance industry, and South Carolina became the first state to enact legislation based on the NAIC model.  In doing so, however, the South Carolina legislature created some uncertainty by
Read More South Carolina Department clarifies confusing change in its new Insurance Data Security Act

As we reported here, and further analyzed here in October 2017, the NAIC adopted an Insurance Data Security Model Law.

On May 3, 2018, the South Carolina Governor made South Carolina the first state in the nation to adopt a comprehensive cybersecurity statute for the insurance industry, by signing
Read More South Carolina becomes First State to enact Insurance Data Security Law based on NAIC Model