Latest Publications

Share:

New York DFS Cybersecurity Regulation Update: Lots Left To Do

Insurers and producers, banks, lenders and others licensed by the New York Department of Financial Services (DFS) have already had to comply with several of the requirements of the new DFS Cybersecurity Regulation, but for...more

Developing Cybersecurity Requirements in Banking, Insurance and Other Financial Services

The financial services industry has been dealing with requirements for cybersecurity since 1999, but 2017 brought new, significant, and proliferating obligations. The bar for the whole industry was clearly raised by the...more

Forward Vision: New York’s Cybersecurity Regulation Imposes a Series of Deadlines

New York’s cybersecurity regulation that went into effect in March has far reaching implications. The first transition date for implementation of several requirements of the state’s Department of Financial Services regulation...more

NAIC Adopts Model Cybersecurity Law

Based largely on the NY DFS Cybersecurity Regulation that became effective March 1, 2017, the NAIC has adopted a Model Cybersecurity Law that would, once adopted by the various states, establish significant requirements for...more

NY DFS Cybersecurity Exemption Filings due October 30

October 30, 2017 is the extended deadline for most Covered Entities claiming an exemption to file the Notice of Exemption required by the NY DFS Cybersecurity Regulation (23 NYCRR 500.19(e)). The filing deadline is 30 days...more

New York DFS Cybersecurity Regulation Update: Lots Left To Do

Insurance companies and producers, banks, lenders and others licensed by the New York Department of Financial Services (DFS) have already had to comply with several of the requirements of the new DFS Cybersecurity Regulation,...more

New York’s Cybersecurity Requirements for DFS Licensees: A New Item at the Top of the To-Do List

With the compliance date only a few months away, licensees of the New York Department of Financial Services (DFS) must start taking action immediately to comply with the coming cybersecurity requirements, which will be more...more

New York's Cybersecurity Requirements for DFS Licensees: A New Item at the Top of the To-Do List

With a compliance date a few months away, licensees of the New York Department of Financial Services (DFS) must start taking action in response to coming cybersecurity requirements, which will be more onerous and difficult...more

Insurance & Reinsurance Newsletter

New Corporate Governance Annual Disclosure Requirements for Connecticut Insurers to Take Effect in 2017 - A recently enacted Connecticut statute intended to compel insurance companies to improve their corporate...more

New Corporate Governance Annual Disclosure Requirements for Connecticut Insurers to Take Effect in 2017

A recently enacted Connecticut statute intended to compel insurance companies to improve their corporate governance will impose significant new obligations on Connecticut domestic insurers, and their holding companies....more

Privacy & Cybersecurity Newsletter

New York’s Cybersecurity Requirements for DFS Licensees: A New Item at the Top of the To Do List - With a compliance date a few months away, licensees of the New York Department of Financial Services (DFS) must start...more

New York DFS Promulgates Cybersecurity Requirements for Financial Services

The New York State Department of Financial Services promulgated proposed cyber security requirements to respond to “the ever-growing threat posed to information and financial systems by nation-states, terrorist organizations...more

Privacy & Cybersecurity Newsletter: April 2016

What seems like a long time ago now, in 2011 PricewaterhouseCoopers (PwC) warned that “there is no question that law firms are among the companies being targeted by cyber criminals.” Despite this, many law firms believed (or...more

NAIC Preliminary Draft Insurance Data Security Model Law Draws Praise and Criticism

Early this month, the NAIC Cybersecurity (EX) Task Force released a preliminary working and discussion draft of an Insurance Data Security Model Law. While praise worthy in its effort to provide uniformity for data security...more

Rhode Island Amends Identity Theft Protection Act

Rhode Island recently amended its 10-year-old Identity Theft Protection Act effective June 26, 2016, further defining and refining existing data security and breach notification requirements, and adding a requirement to...more

EU Cyber Security Directive (CSD) Introduces Cross Sector Data Breach Notification

The European Parliament, the Council and the Commission have agreed on the first EU-wide legislation on cybersecurity. Under the new measure, internet companies such as Google, Amazon, eBay and Cisco, but not social...more

GLBA Annual Privacy Notice Eliminated under Certain Circumstances: Buried in a Highway Bill!

On December 4, 2015, President Obama signed the Highway Bill, dubbed Fixing America’s Surface Transportation Act (“FAST Act”), into law. Buried in the 490 page transportation law is a significant amendment to the...more

Expect New Cybersecurity Regs from New York DFS

DFS identified several areas that would be the subject of specific requirements in the potential regulations. These include requirements for (i) cyber security policies and procedures, (ii) third-party service provider...more

NAIC Cybersecurity Bill of Rights: The Awkward New Guest at the Data Breach Law Party

On October 14, 2015, the NAIC’s Cybersecurity (EX) Task Force adopted a Cybersecurity Bill of Rights, an aspirational, well-intended document outlining the rights insurance consumers should (or could? or might? this point...more

Safe Harbor Ruling: Company Considerations and Near Term Strategies

Following the landmark judgment of the CJEU on 6 October 2015, which declared the U.S.-EU Safe Harbor scheme invalid and allowed national supervisory authorities to evaluate whether an adequate level of protection is provided...more

NAIC Cybersecurity “Bill of Rights” Wrong to Many Insurers

Last week, an NAIC task force moved forward in recommending a cybersecurity “bill of rights” that insurance regulators could provide consumers, essentially creating an expectation of notice of a breach “never more than 60...more

EU U.S. Data Protection: U.S.-EU Safe Harbor Scheme Declared Invalid by Court of Justice of the European Union

As anticipated by our earlier article (published on October 2, 2015) “EU U.S. Data Protection: The Safe Harbor Framework Under Attack”, Europe’s highest court, the Court of Justice of the European Union (CJEU), has followed...more

Privacy & Cybersecurity Newsletter: International Edition July 2015

Retail Tracking Update: Privacy Guidance Following Nomi Technologies - There is currently a widespread effort to quantify everything, from steps, to sleep, to batted ball exit velocity. Fifteen years ago, TV host Jeremy...more

Significant Amendments to Connecticut and Nevada Breach Notifications and Data Security Laws

Nevada and Connecticut recently enacted amendments to breach notification and data security requirements that are relatively unique among existing state laws, thus imposing new compliance obligations upon companies doing...more

Internal Investigations: The Three C’s – Confidence. Credibility. Cost.

In this issue: - THE THREE C’S — CONFIDENCE, CREDIBILITY AND COST - WHO CONDUCTS THE INVESTIGATION? - SCOPE OF THE INVESTIGATION - MINDSET AT THE OUTSET OF AN INVESTIGATION - THE NEED FOR...more

28 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.