On June 17, the New York State Assembly passed the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD Act which will be enforced by the New York Attorney General. This SHIELD Act should not be confused with Marvel’s Strategic Homeland Intervention Enforcement and Logistics Division also called S.H.I.E.L.D. The SHIELD Act is awaiting the governor’s signature to become law.
Read MoreOn March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the “DFS Regulation”) took effect, requiring subject financial institutions, including insurance companies, (“Covered Entities”) to among other things adopt written information security programs to address the protection of nonpublic information and information systems.
Read MoreAs an early stage or startup InsurTech, you’re highly focused on all the right things: identifying a challenge for the insurance industry, developing an innovative technical solution, making it practical and scalable, getting it funded, and implementing it. The industry for which InsurTech seeks to develop and deliver solutions is awash, however, in requirements and restrictions related to the collection, use, sharing, and protection of data.
Read MoreTed Augustinos, a member of the steering committee of Locke Lord’s Privacy and Cybersecurity Practice Group, authored an article detailing the stifling effect of privacy and cybersecurity regulations on innovative data usage at insurance companies.
Read MoreAs we’ve been predicting, including here, the Cybersecurity Regulation adopted by the NY DFS for insurance, banking and other financial services continues to drive the conversation in the U.S. The latest manifestation is the FTC proposal, announced March 5, 2019, to amend it Safeguards Rule adopted pursuant to the Gramm-Leach-Bliley Act of 1999 (GLBA) to require financial institutions to adopt certain safeguards to protect the nonpublic personal information of consumers.
Read MoreLocke Lord’s Privacy & Cybersecurity Newsletter provides topical snapshots of recent developments in the fast-changing world of privacy, data protection, and cyber risk management. For further information on any of the subjects covered in the newsletter, please contact one of the members of our privacy and cybersecurity team.
Read MoreOn November 23, the European Data Protection Board released guidelines for public comment (the “Guidelines”) on the territorial scope of the General Data Protection Regulation (“GDPR”).
Read MoreThe New York Department of Financial Services Cybersecurity Regulations, 23 NYCRR part 500 (the “Cybersecurity Regulations”), require companies subject to the regulations to update their record retention schedule for particular documents mandated by the Cybersecurity Regulations.
Read MoreLocke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please contact one of the members of our Insurance team.
Read MoreUpdate: the Governor of California, signed Senate Bill 1121 on September 23, 2018, ratifying the amendments described below.
On August 31, 2018, the California State Legislature passed Senate Bill 1121, amending the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA, which contains the broadest consumer data privacy protections in the country, was hastily passed in June to forestall an advocacy group from putting a more restrictive bill before voters in a November referendum.
