Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

EU-U.S. Privacy Shield – Full Text Released

On February 29, 2016, the European Commission released the text of the EU-U.S. Privacy Shield. The text reveals the details of a new framework that will place stronger obligations on U.S. companies to protect the personal data of EU citizens. It will also involve heightened compliance requirements and authorizes enforcement measures by the U.S. Department of Commerce (Commerce) and the...

Data Sentinel: The Evolving Role of the Attorney as Protector of Company Data

Data. It is one of your organization’s greatest assets, and a necessary part of doing business. But in today’s financial services environment, it is also a source of one of your organization’s greatest risks. In their article for FinTech Law Report, Sutherland attorneys Michael Steinig and Mary Jane Wilson-Bilik describe the attorney’s evolving role in protecting company data, and...

Pros and Cons of the Payment Card Industry Data Security Standard

The Payment Card Industry Data Security Standard (the PCI DSS) establishes the self-described minimum data protection measures required of all entities involved in payment card transactions. The PCI DSS consists of 12 basic requirements, along with testing procedures and guidance designed to assist entities in meeting each requirement. The PCI DSS itself is not a law or regulation, and...

EU-US Privacy Shield: European Union and U.S. Reach Agreement in Principle for New Data Transfer Framework – But Uncertainty Remains

On February 2, 2016, the European Commission (EC) and the U.S. Department of Commerce (Commerce) announced that they had reached agreement on a new data transfer safe harbor arrangement for the transfer of personal data from Europe to the U.S. The new safe harbor pact, called the EU-US Privacy Shield, was negotiated in the wake of the EU Court of Justice’s (CJEU) decision in October...

NAIC Task Force Adopts a Cybersecurity “Bill of Rights” Despite Industry Objections

On October 14, the National Association of Insurance Commissioners Cybersecurity Task Force (NAIC Task Force) adopted a version of the Cybersecurity Bill of Rights for insurance consumers. The Bill of Rights claims to outline the rights insurance consumers can expect when insurers, agents and other businesses collect personal consumer information and experience data breaches. It was...

NAIC Adopts New Cybersecurity Exam Tool

On September 21, the National Association of Insurance Commissioners IT Examination Working Group adopted amendments to the IT section of the Financial Condition Examiners Handbook to strengthen the Handbook’s already existing cybersecurity guidance. Charged with improving this guidance, the Working Group compared the Handbook’s guidance to the National Institute of Standards and...

« Older Entries