In this month’s webcast, “Financial Services 2024 Privacy and Cybersecurity Preview,” Greg Szewczyk and Sarah Dannecker give an overview of how the privacy and cybersecurity landscape is evolving in the financial sector. From more specific data security reporting requirements
CyberAdviser
Insights from the frontlines of privacy and data security law
Latest from CyberAdviser - Page 2
HIPAA Breach Notifications – A Question of Timing
You are the HIPAA privacy official of a hospital or health plan (a covered entity under HIPAA). You receive an email from a vendor that handles protected health information (a business associate), informing you that one month ago an unauthorized…
Colorado Leads the Way on AI Regulation in the Insurance Industry
On November 14, 2023, the Colorado Division of Insurance’s AI insurance regulations went into effect. Colorado is now the first state in the nation to adopt regulations specifically aimed at insurance algorithms.
Colorado’s regulation requires life insurance companies to report…
FTC Authorizes use of Compulsory Process in AI Investigations
On November 21, the Federal Trade Commission (“FTC”) approved in a 3-0 vote a resolution authorizing the use of compulsory process in nonpublic investigations involving products and services that involve or claim to involve Artificial Intelligence (AI).
Compulsory process is…
CPPA Releases Proposed Automated Decision-Making Rules
On November 27, 2023, the California Privacy Protection Agency (CPPA) published proposed Automated Decision-Making Rules to be discussed by the CCPA board at its upcoming meeting on December 8, 2023. While the proposed rules are far from final—indeed, they are…
FCC and FTC Announce new AI Calling and Voice Initiatives
On November 16th, the Federal Communications Commission (“FCC”) and Federal Trade Commission (“FTC”) announced new independent initiatives regarding the use and implications of AI technologies on consumers in the context of telephone and voice communications. Learn more about these initiatives…
Colorado Publishes Universal Opt-Out Mechanism Shortlist
The Colorado Department of Law (“DoL”) has published a shortlist of potential universal opt-out mechanisms (“UOOMs”). Beginning on July 1, 2024, companies will be required to allow consumers to opt out of the sale of their personal data or use…
FTC Announces New Safeguards Rule Breach Notification Requirements
On October 27, the Federal Trade Commission (“FTC”) unanimously voted to amend the Safeguards Rule to require non-banking financial institutions, such as mortgage brokers, motor vehicle dealers, and payday lenders, to report data breaches and security events to the Agency.…
CFPB Issues Proposed Rule Offering Consumers Greater Access to and Control Over Their Financial Data
On October 19, 2023, the Consumer Financial Protection Board (“CFPB”) released a proposed rule that, if enacted, would grant consumers greater access rights to the data their financial institutions hold. Under the proposed Personal Financial Data Rights Rule (the “Proposed…
CPPA Publishes New Draft Regulations Addressing AI, Risk Assessments, and Cyber Audits
The California Privacy Protection Agency (CPPA) recently published two new sets of draft regulations addressing a range of cutting-edge data protection issues. Although the Agency has not officially started the formal rulemaking process, the Draft Cybersecurity Audit Regulations and the…