Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO.

Similar presentations


Presentation on theme: "© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO."— Presentation transcript:

1 © 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO.

2 FOCUSED ON THE BUSINESS OF INSURANCE Federal Industry State

3 FOCUSED ON THE BUSINESS OF INSURANCE FEDERAL LAWS FTC Act Gramm- Leach- Bliley Act HIPAA

4 FOCUSED ON THE BUSINESS OF INSURANCE State Laws Consumer Protection Statutes and Regulations GLBA and HIPAA Add-Ons Social Security Number Laws Record Disposal Laws Data Security Laws Breach Notification Laws

5 FOCUSED ON THE BUSINESS OF INSURANCE Data Security Laws What Is Regulated? Personally Identifiable Information Name  Address   Phone  SS# xxx-xx-xxxx Drivers License  Credit Card #  Access Info 

6 FOCUSED ON THE BUSINESS OF INSURANCE Data Security Laws Who Is Regulated? Businesses that own, license, store or maintain PII about MA residents. Mass. Reg. Code tit. 201 § Operators of commercial websites, online services and mobile apps that collect PII about CA residents who use or visit the website or service. Cal. Bus. & Prof. Code § 22575(a)

7 FOCUSED ON THE BUSINESS OF INSURANCE Data Security Laws How Is It Regulated? Cal. Bus. & Prof. Code § 22575(b) Conspicuous Posting of Online Privacy Practices Identify PII Collected Categories of Third Parties With Whom PII Shared Explain How Consumer Can Review PII and Make Changes Explain How Consumer Will Be Notified if Privacy Policy Changes Do Not Track Mechanism

8 FOCUSED ON THE BUSINESS OF INSURANCE Data Security Laws How Is It Regulated? Comprehensive Written Information Security Program/Reasonable Security Procedures and Practices Technical Security Controls Ongoing Monitoring of Systems for Unauthorized Use

9 FOCUSED ON THE BUSINESS OF INSURANCE Breach Notification Laws Risk of Harm Threshold Format of Records Content of Letters Notice to Government Timing of Notification Liability for Failure to Comply

10 FOCUSED ON THE BUSINESS OF INSURANCE CURRY V. AVMED INC.  $ Compensation for victims of a data breach without requiring them to show actual economic loss from theft of personal data Unjust enrichment cause of action 2 corporate laptops stolen containing unencrypted information

11 FOCUSED ON THE BUSINESS OF INSURANCE Best Defense Against Breaches Strong Security Program Mandatory training for all employees Additional training for select employees GPS tracking capabilities Password protocols Physical security upgrades Update written data security policies and procedures

12


Download ppt "© 2014 Nelson Brown Hamilton & Krekstein LLC. All Rights Reserved PRIVACY & DATA SECURITY: A LEGAL FRAMEWORK MOLLY LANG, PARTNER, NELSON BROWN & CO."

Similar presentations


Ads by Google