The Risk-based Approach to Data Breach Response Meeting mounting expectations for effective, relevant solutions
|
|
- Barrie Collins
- 5 years ago
- Views:
Transcription
1 The Risk-based Approach to Data Breach Response Meeting mounting expectations for effective, relevant solutions
2 Our Speakers Mark Melodia is Partner and Co-Head of the Global Data Security, Privacy & Management Group for Reed Smith. Timothy P. Ryan is managing director and Cyber Investigations Practice Leader for Kroll. Brian Lapidus is managing director and InfoSec Practice Leader for Kroll. Moderator Steven Littleson is a director in Cyber Security at Kroll.
3 The Data Breach Investigation before Mitigation Accuracy above Assumption In the Beginning Match Remedy to Risk
4 The Data Breach A broken promise.
5 Prepare to be Judged in Hindsight Encourage broad thinking about types of litigation and potential causes of action.» Negligence» Waste and conversion» Invasion of privacy» Breach of contract» Breach of fiduciary duty» Unjust enrichment 1» Unjust enrichment 2» Violation of the Fair Credit Reporting Act» State consumer protection statutes» Business-to-business litigation» Shareholder/Securities Litigation
6 Set Realistic Expectations Communications» Controlling the flow of internal communications» Crafting and directing effective external messages» Monitoring and responding to reactions to the breach Litigation» Hundreds of class action suits, fueled by tens of millions of breach letters» Most privacy class actions seek millions or billions in statutory penalties, even absent any out-of-pocket harm to consumers» Even nominal damages under common law (e.g., $1 per person for invasion of privacy) can mount quickly into millions of dollars in potential classwide liability» Not just consumer suits
7 Factor in the Government, Part 1: Federal Trade Commission Actions Unfair and deceptive acts in commerce Dozens of investigations, many enforcement actions Jointly with other agencies that may also have specific industry jurisdiction Multi-million dollar consent resolution amounts and agreements to change process will last for decades Settling with private class counsel without satisfying the government may be a lost opportunity
8 Factor in the Government, Part 2: State Attorney General Actions Often the first notified of a potential privacy or security issue Can demand that companies offer credit monitoring to resolve investigations, even if courts in private class actions do not Often obtain large resolution payments in situations where the private class action bar fails Data Security/Privacy as a politically popular consumer protection issue
9 Investigation before Mitigation Get out of your own way.
10 Top 8 Mistakes Companies Make When preparing for and responding to a data breach 1. Escalation and Employee Security Awareness 2. The Need to Preserve Evidence: Competing Interests 3. The Ability to Collect Evidence: Forensic Capabilities 4. The Ability to Demand Evidence: Third Parties 5. Log Creation and Centralization 6. Internal Conflicts: IT versus Security 7. Network Visibility and Architecture 8. Containment and Eradication Strategy
11 and One to Avoid: Involve the Police Goals: Enforcement versus Breach Notification Evidence Seizure, Review and Return How it is seized What the reviewer is searching for: government versus private Does the corporation get to look at it Who does Remediation Arrest Attorney-Client Privilege Control Life and Death/Only Government Can Assist
12 Focus on Facts Without Fear 1. How did the data breach occur? 2. What was the size of the breach? 3. What type of PII/PHI was exposed? 4. Who is the impacted population?
13 Case Study Situation:» Hacking incident left a retailer s network exposed for three months; credit card numbers and PINs processed during that time vulnerable» The client contacted Kroll, ready to notify 275,000 customers Kroll actions:» Reverse-engineered the code used to compromise the data and discovered two key findings: only one type of credit card had been targeted, and a bug had caused the code to stop working after 21 days Outcome:» Significant reduction in the number of impacted individuals and notifications required from 275,000 to 27,000» Reduced the client s cost to meet notification requirements by 90%
14 What Was the Size of the Breach? Comparison Exact Notification vs. Over-Notification Exact Notification ~ Cost Forensic Investigation $50, Notification, Call Center, ID Theft Consultation & $88, Restoration 1Bureau Credit Monitoring $50, Total $188, Over-Notification ~ Cost Forensic Investigation $50, Notification, Call Center, ID Theft $600, Consultation & Restoration $800, $300, Bureau Credit Monitoring $450, Total $900,000 - $1,250, Bottom Line: for an investment of $50,000 in forensic investigation work, the scope of the breach was reduced by hundreds of thousands of records. Total Savings on Known Costs: $712,000 $1,062,000
15 In the Beginning there was Credit Monitoring
16 When Credit Monitoring Isn t Enough Traffic stop reveals fraudulent 8-year-old DUI charge Online tax filing rejected: SS# already used to file Stranger s hospital bill linked to name and address A $30k loan a car cosmetic surgery a summons 4 years to resolve
17 You Need New Tools for New Threats Name address DATE OF BIRTH MARITAL STATUS gender race ethnicity national origin Grade Point Average drivers license number personal income bank account and routing numbers credit or debit card number financial account number username PASSWORD government-issued identification number insurance numbers warrants for arrest personal medical data
18 If this data is exposed Name, address, date of birth Credit card numbers Bank account numbers alternative monitoring can: Search for additional addresses associated with that person Crawl Internet monitoring sites where criminals buy and sell financial details Scan for short-term, pay-day or cash advance loans where no credit check is required
19 Match Remedy to Risk Real need, real solution.
20 Published Guidance from the CA AG California Office of Privacy Protection advises organizations:» If you are considering offering notice recipients credit monitoring or another identity theft assistance service as a mitigation, make sure it is relevant to the situation.» Credit monitoring is not helpful for breaches of account numbers only.
21 Published Guidance from the IL AG Illinois Attorney General advises organizations to:» determine when to offer credit monitoring and when to contract for an alternative form of monitoring.» explore their options because credit monitoring may not be appropriate in all breach situations.
22 Wise Investments Here Known Costs» Legal Counsel» Forensic Investigation» PII/PHI Identification» Notification» Call Center» Monitoring» Preventative Services Help Control Costs Here Unknown Costs» Brand Damage» Customer Churn» Settlement Fees» Fines» Business Transactions: IPO, Mergers & Acquisitions
23 It Works struck the claim for damages already reasonably compensated the affected The judge ruled in our favor on all points.
24 Take-Aways How did the data breach occur? How was data accessed? Can you confirm data was, in fact, exposed? To whom was the data potentially exposed? Can you confirm what was done with the data? What was the size of the breach? Has the incident been contained? How many records have been impacted? What response efforts can you afford based upon the size of the breach? What type of PII/PHI was exposed? Can you confirm what PII/PHI was compromised? What constitutes a record for the purpose of notification? Was other data compromised that could lead to risk of identity theft or other harm? Who was the impacted population? Who are the victims? What is the relationship of the insured with the breach victims? What is the relationship of the victims to one another? Where are the victims located?
25 Questions: Mark S. Melodia Phone (609) » Please visit the Reed Smith Global Regulatory Enforcement Blog at globalregulatoryenforcementlawblog.com Tim Ryan Phone (212) » Brian Lapidus Phone (615) » Find out more at Krollcybersecurity.com or» Kroll.com
26
27 Thank you.
CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY
CYBER ATTACKS AFFECTING FINANCIAL INSTITUTIONS GUS SPRINGMANN, AON PAVEL STERNBERG, BEAZLEY Agenda Threat Landscape and Trends Breach Response Process Pitfalls and Critical Points BBR Services Breach Prevention
More informationCyber Risks & Insurance
Cyber Risks & Insurance Bob Klobe Asst. Vice President & Cyber Security Subject Matter Expert Chubb Specialty Insurance Legal Disclaimer The views, information and content expressed herein are those of
More informationROCHESTER INSTITUTE OF TECHNOLOGY
ROCHESTER INSTITUTE OF TECHNOLOGY Identity Theft Protection Table of Contents Introduction...2 Important Note About Passwords...2 General Information...2 Who is Covered and When...2 You Need to Enroll...3
More informationProtecting Yourself from Fraud including Identity Theft Advanced Level
Protecting Yourself from Fraud including Identity Theft Advanced Level Fraud Fraud an intentional effort to deceive another individual for personal gain Arrests for crimes not committed Damaged financial
More information503 SURVIVING A HIPAA BREACH INVESTIGATION
503 SURVIVING A HIPAA BREACH INVESTIGATION Presented by Nicole Hughes Waid, Esq. Mark J. Swearingen, Esq. Celeste H. Davis, Esq. Regional Manager 1 Surviving a HIPAA Breach Investigation: Enforcement Presented
More informationServices and Features
Services and Features IDShield offers one of the most comprehensive products on the market for protecting and restoring your identity. The following is a list of IDShield s specific services and features.
More informationServices & Features for Employee Benefit Members
Services & Features for Employee Benefit Members IDShield offers one of the most comprehensive products on the market for protecting and restoring your identity. The following is a list of IDShield s specific
More informationBest Practice: Responding to a Privacy Breach
Best Practice: Responding to a Privacy Breach Introduction The Access to Information and Protection of Privacy Act (ATIPP Act or Act) has a dual purpose: to make public bodies more accountable to the public
More informationDATA COMPROMISE COVERAGE FORM
DATA COMPROMISE DATA COMPROMISE COVERAGE FORM Various provisions in this policy restrict coverage. Read the entire policy carefully to determine rights, duties and what is and is not covered. Throughout
More informationSummary Comparison of Current Senate Data Security and Breach Notification Bills
Data Security reasonable Standards measures Specific Data Security Requirements Personal Information Definition None (a) First name or (b) first initial and last name, in combination with one of the following
More informationTHIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY CRISIS MANAGEMENT COVERAGE The Insurer shall pay on behalf of the Insured: 1) Crisis Management Expenses that are a direct result of a Network
More informationNotification of Rights for Texas Consumers
Notification of Rights for Texas Consumers The Texas Business and Commerce Code requires that Texas consumers be given notice of their rights with written disclosure. You have the right to obtain a copy
More informationWhat to expect as a LifeLock member LEARN HOW TO GET THE MOST FROM YOUR MEMBERSHIP
LIFELOCK MEMBER EXPECTATIONS GUIDE 800-607-91744 LifeLock.com What to expect as a LifeLock member LEARN HOW TO GET THE MOST FROM YOUR MEMBERSHIP THE LIFELOCK MEMBER COMMUNICATION EXPERIENCE Signing up
More informationPRIVACY AND CYBER SECURITY
PRIVACY AND CYBER SECURITY Presented by: Joe Marra, Senior Account Executive/Producer Stoya Corcoran, Assistant Vice President Presented to: CIFFA Members September 20, 2017 1 Disclaimer The information
More informationHIPAA PRIVACY AND SECURITY RULES APPLY TO YOU! ARE YOU COMPLYING? RHODE ISLAND INTERLOCAL TRUST LINN F. FREEDMAN, ESQ. JANUARY 29, 2015.
HIPAA PRIVACY AND SECURITY RULES APPLY TO YOU! ARE YOU COMPLYING? RHODE ISLAND INTERLOCAL TRUST LINN F. FREEDMAN, ESQ. JANUARY 29, 2015. PURPOSE OF PRESENTATION To Discuss Laws Governing Use and Disclosure
More informationSAFEGUARDING YOUR CHILD S FUTURE. Child Identity Theft. Protecting Your Child s Identity
SAFEGUARDING YOUR CHILD S FUTURE Child Identity Theft Child identity theft happens when someone uses a minor s personal information to commit fraud. A thief may steal and use a child s information to get
More informationCyberinsurance: Necessary, Expensive and Confusing as Hell. Presenters: Sharon Nelson and Judy Selby
Cyberinsurance: Necessary, Expensive and Confusing as Hell Presenters: Sharon Nelson and Judy Selby Setting the stage 2018 report from PwC one-third of US businesses have some form of cyberinsurance PwC
More informationBERKELEY POLICE DEPARTMENT. DATE ISSUED: February 6, 2013 GENERAL ORDER V-5 PURPOSE
SUBJECT: STOLEN VEHICLE INVESTIGATIONS (REVISED) PURPOSE 1 - The purpose of this General Order is to explain procedures for completing stolen vehicle and related investigations. POLICY 2- This Department
More informationUNDERSTANDING HIPAA COMPLIANCE IN 2014: ETHICS, TECHNOLOGY, HEALTHCARE & LIFE
UNDERSTANDING HIPAA COMPLIANCE IN 2014: ETHICS, TECHNOLOGY, HEALTHCARE & LIFE JULIE MEADOWS-KEEFE GROSSMAN, FURLOW, AND BAYÓ, LLC 2022-2 RAYMOND DIEHL RD. TALLAHASSEE, FL. 32308 (850) 385-1314 J.MEADOWS-KEEFE@GFBLAWFIRM.COM
More informationDATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY
THIS ENDORSEMENT CHANGES THE POLICY. PLEASE READ IT CAREFULLY. DATA COMPROMISE COVERAGE RESPONSE EXPENSES AND DEFENSE AND LIABILITY Coverage under this endorsement is subject to the following: PART 1 RESPONSE
More informationEvaluating Your Company s Data Protection & Recovery Plan
Evaluating Your Company s Data Protection & Recovery Plan CBIA Cybersecurity Webinar Series 11AM 12PM Part V. Presented by: Stewart Tosh Charles Bellingrath Date: December 7, 2017 Today s presenters Stewart
More informationSixth Annual Benchmark Study on Privacy & Security of Healthcare Data
Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data Sponsored by ID Experts Independently conducted by Ponemon Institute LLC Publication Date: May 2016 Ponemon Institute Research Report
More informationApril 27, Dear John Sample:
Processing Center P.O. BOX 141578 Austin, TX 78714 00001 ACD1234 00001 JOHN Q. SAMPLE 1234 MAIN STREET ANYTOWN US 12345-6789 April 27, 2016 Dear John Sample: On February 26, 2016, the company contracted
More informationCyber & Privacy Liability and Technology E&0
Cyber & Privacy Liability and Technology E&0 Risks and Coverage Geoff Kinsella Partner http://map.norsecorp.com http://www.youtube.com/watch?v=f7pyhn9ic9i Presentation Overview 1. The Cyber Evolution 2.
More informationInsuring! Agreement Claim! Scenario Coverage! Response Network &! Information! Security Liability A hacker successfully obtains sensitive, personal information from the insured s computer system. As a
More informationOctober 30, 2017 File No VIA ELECTRONIC SUBMISSION
Elizabeth R. Dill 550 E. Swedesford Road, Suite 270 Wayne, Pennsylvania 19087 Elizabeth.Dill@lewisbrisbois.com Direct: 215.977.4080 October 30, 2017 File No. 50131.512 VIA ELECTRONIC SUBMISSION Attorney
More informationPersonal Information Protection Act Breach Reporting Guide
Personal Information Protection Act Breach Reporting Guide If an organization determines that a real risk of significant harm exists to an individual as a result of a breach of personal information, section
More informationChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them
ChicagoLand RIMS Cyber Insurance Coverage Pitfalls and How to Avoid Them PROVIDED BY HUB INTERNATIONAL October 25th, 2016 W W W. C H I C A G O L A N D R I S K F O R U M. O R G AGENDA 1. The evolution of
More informationIdentity Theft Solutions
Identity Theft Solutions Identity Theft Solutions August 12, 2015 2 A Complete IDENTITY THEFT SOLUTION Identity theft is the fastest growing financial crime in America, striking thousands of victims each
More informationSlide 1. Slide 2. Slide 3. Identity Theft Coverage. Today s Agenda. What is Identity Theft? What is Identity Theft?
Slide 1 Identity Theft Coverage Presented by Hartford Steam Boiler Inspection & Insurance Company Copyright 2010 The Hartford Steam Boiler Inspection and Insurance Company Slide 2 Today s Agenda What is
More informationCardholder Agreement. Effective 10/1/17
Cardholder Agreement INTRODUCTION: In this document, the term Agreement means this Cardholder Agreement and the disclosures found in our Important Cost Information about our Credit Card insert that is
More informationCARDHOLDER AGREEMENT IMPORTANT: PLEASE READ CAREFULLY AND KEEP FOR YOUR RECORDS.
CARDHOLDER AGREEMENT IMPORTANT: PLEASE READ CAREFULLY AND KEEP FOR YOUR RECORDS. This Cardholder Agreement (this Agreement ) is between you and Green Dot Bank, the issuer of your Turbo SM Prepaid Visa
More informationCYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING
CYBER LIABILITY: TRENDS AND DEVELOPMENTS: WHERE WE ARE AND WHERE WE ARE GOING 2015 Verizon Data Breach Report 79,790 security incidents 2,122 confirmed data breaches Top industries affected: Public, Information,
More informationLEGALSHIELD PRESENTATION. Worry Less. Live More.
LEGALSHIELD PRESENTATION Worry Less. Live More. The Company Established 1972 Revenue approx. $450 million 3.5 million covered lives across U.S.A. and Canada 2.1 million requests for legal assistance annually
More informationCyber-Insurance: Fraud, Waste or Abuse?
SESSION ID: STR-F03 Cyber-Insurance: Fraud, Waste or Abuse? David Nathans Director of Security SOCSoter, Inc. @Zourick Cyber Insurance overview One Size Does Not Fit All 2 Our Research Reviewed many major
More informationc» BALANCE C:» Financially Empowering You The World of Credit Reports Podcast [Music plays] Nikki:
The World of Credit Reports Podcast [Music plays] Nikki: You re listening to world of credit. Hi, I m Nikki, your host for today s podcast. Credit reports and credit scores influence our lives in many
More informationLoaded Everyday card terms and conditions
Loaded Everyday card terms and conditions Posted Online: 1 October 2013 Effective: 15 October 2013 The Loaded TM range of cards is issued by Kiwibank Limited and distributed by various organisations, including
More informationAttachment to Identity Theft Prevention Service Provider Attestation
Attachment to Identity Theft Prevention Service Provider Attestation Identify Theft Prevention Policy Effective January 1, 2011 Identity Theft is a crime in which an individual wrongfully obtains and uses
More informationYou ve been hacked. Riekie Gordon & Roger Truebody & Alexandra Schudel. Actuarial Society 2017 Convention October 2017
You ve been hacked Riekie Gordon & Roger Truebody & Alexandra Schudel Why should you care? U$4.6 - U$121 billion - Lloyds U$45 billion not covered 2 The plot thickens 2016 Barkly Survey: It s a business
More informationCYBER CLAIMS BRIEF A SEMI-ANNUAL PUBLICATION FROM YOUR WNA FINEX CLAIMS & LEGAL GROUP
www.willis.com July 2015 CYBER CLAIMS BRIEF A SEMI-ANNUAL PUBLICATION FROM YOUR WNA FINEX CLAIMS & LEGAL GROUP INSIDE THIS EDITION... CYBER CLAIMS LANDSCAPE A SAMPLING OF LARGE CYBER SETTLEMENTS LEGAL
More informationUNIT 3-4 Preventing Identity Theft
UNIT 3-4 Preventing Identity Theft Identity theft occurs when someone uses your personal information without your permission to commit fraud or other crimes. The perpetrator may use your personal information
More informationH 7789 S T A T E O F R H O D E I S L A N D
======== LC001 ======== 01 -- H S T A T E O F R H O D E I S L A N D IN GENERAL ASSEMBLY JANUARY SESSION, A.D. 01 A N A C T RELATING TO INSURANCE - INSURANCE DATA SECURITY ACT Introduced By: Representatives
More informationResponding to Privacy Breaches
Key Steps in Responding to Privacy Breaches The purpose of this document is to provide guidance to private sector organizations, health custodians and public sector bodies on how to manage a privacy breach.
More informationCybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do
ARTICLE Cybersecurity Threats: What Retirement Plan Sponsors and Fiduciaries Need to Know and Do By Gene Griggs and Saad Gul This article analyzes cybersecurity issues for retirement plans. Introduction
More informationConsumer Federation of America Best Practices for Identity Theft Services. March 10, 2011
Consumer Federation of America Best Practices for Identity Theft Services March 10, 2011 Consumer Federation of America Best Practices for Identity Theft Services Table of Contents Introduction 3 About
More informationThe Smartest Employee Benefit Is Identity Theft Management
The Smartest Employee Benefit Is Identity Theft Management HELP PROTECT YOUR EMPLOYEES. Proposal For: Date: Presented By: Provide peace of mind. Raise your benefits to a new level. Every employee has a
More informationData Breach Financial Protection Program Terms and Conditions
Data Breach Financial Protection Program Terms and Conditions The Data Breach Financial Protection Program (the Program ) is a comprehensive expense reimbursement program, provided with some Netsurion
More informationPersonal Finance Unit 2 Chapter Glencoe/McGraw-Hill
0 Chapter 6 Consumer Credit What You ll Learn Section 6.1 Explain the meaning of consumer credit. Differentiate between closed-end credit and openend credit. Section 6.2 Name the five C s of credit. Identify
More informationDeluxe Provent SM : Protecting against expanded threats. Providing for expanded opportunities.
Deluxe Provent SM : Protecting against expanded threats. Providing for expanded opportunities. deluxe growth services introduction Identity thieves are extending beyond credit relationships and are more
More informationKasasa Protect. FAQ and Product Overview
Kasasa Protect FAQ and Product Overview Kasasa Protect... 3 Key Contact Info... 3 Included Benefits... 3 Credit Reporting... 4 Monthly Credit Score & Plotter... 4 24/7 Credit Monitoring... 5 Full-Service
More informationA GUIDE TO CYBER RISKS COVER
A GUIDE TO CYBER RISKS COVER Cyber risk the daily business threat to SMEs Cyber risks and data security breaches are a daily threat to everyday business. Less than 10% of UK companies have cyber insurance
More informationBUSINESS MASTERCARD CARDHOLDER DISCLOSURE AND AGREEMENT STANDARD AND CASH REWARDS MASTERCARDS
BUSINESS MASTERCARD CARDHOLDER DISCLOSURE AND AGREEMENT STANDARD AND CASH REWARDS MASTERCARDS This Business MasterCard Disclosure and Agreement sets forth the terms of your Account and includes this document,
More informationMONROE COUNTY SHERIFF S OFFICE. General Order
MONROE COUNTY SHERIFF S OFFICE General Order CHAPTER: 34 - D EFFECTIVE DATE: August 19, 2009 REFERENCE: CALEA 42.2.8 NO. PAGES: 8 TITLE: Identification Theft Investigation Procedures AMENDED: RESCINDS:
More informationProtecting Against the High Cost of Cyberfraud
Protecting Against the High Cost of Cyberfraud THE ROLE OF CYBER LIABILITY INSURANCE IN YOUR RISK MANAGEMENT STRATEGY Paying the Price...2 The Ransomware Scourge...3 Policy Provisions...3 Management Liability...4
More informationSAFE Visa Business Credit Card
SAFE Visa Business Credit Card PRICING INFORMATION Variable rates are based on the Prime Rate as of March 28, 2018. Annual Percentage Rate (APR) for Purchases Rates based on the Prime Rate Annual Percentage
More informationAnatomy of a Data Breach
Anatomy of a Data Breach May 17, 2017 Lucie F. Huger Officer, Greensfelder, Hemker & Gale, P.C. Mary Ann Wymore Officer, Greensfelder, Hemker & Gale, P.C. Information is the New Oil! Companies are collecting
More informationCYBER LIABILITY REINSURANCE SOLUTIONS
CYBER LIABILITY REINSURANCE SOLUTIONS CYBER STRONG. CYBER STRONG. State-of-the-Art Protection for Growing Cyber Risks Businesses of all sizes and in every industry are experiencing an increase in cyber
More informationSAFE Visa Business Credit Card
SAFE Visa Business Credit Card PRICING INFORMATION Variable rates are based on the Prime Rate as of October 1, 2018. Annual Percentage Rate (APR) for Purchases Rates based on the Prime Rate Annual Percentage
More informationNot All Breaches Are Created Equal. Nicholas L. Cramer Director of Data Breach Response
Not All Breaches Are Created Equal Nicholas L. Cramer Director of Data Breach Response Agenda Understanding The New Role of Cyber Insurance 1 st Party Risk vs. 3 rd Party Risk The Go-Live Timeline Interpreting
More informationYear-end 2016 fraud update: Payment cards, remote banking and cheque
Year-end 2016 update: Payment cards, remote banking and cheque 30 March 2017 1. Introduction Financial Fraud Action UK (FFA UK) is responsible for leading the collective fight against in the UK payments
More informationIdentity Theft Protection Plans
Identity Theft Protection Plans V E R I F Y P R O T E C T R E C O V E R IN 2017, DATA BREACHES REACHED ECONOMIC PROPORTIONS A victim may need to spend time at work trying to recover their good name and
More informationIntroduction to Fraud Detective Kirby Shoemake
Introduction to Fraud Detective Kirby Shoemake Fraud In criminal law, fraud is an intentional deception or coercion made for personal gain and to damage another individual in some way shape or form. Types
More informationPrivacy & Data Protection Procedure-Box Hill Institute Group
Privacy & Data Protection Procedure-Box Hill Institute Group Related Policy Procedure: Privacy & Data Protection Policy BHI Group Responsibility 1. In all Box Hill Institute Group (BHI Group) practices
More informationPublic Act No
Public Act No. 18-90 AN ACT CONCERNING SECURITY FREEZES ON CREDIT REPORTS, IDENTITY THEFT PREVENTION SERVICES AND REGULATIONS OF CREDIT RATING AGENCIES. Be it enacted by the Senate and House of Representatives
More informationISPFCU VISA PLATINUM PROGRAMS TERMS AND CONDITIONS The information about the costs of the card described is accurate as of July 14, 2017.
ISPFCU VISA PLATINUM PROGRAMS TERMS AND CONDITIONS The information about the costs of the card described is accurate as of July 14, 2017. ANNUAL PERCENTAGE RATE (APR) Other APRs Platinum Elite: Wall Street
More informationDate Here. Welcome University of Michigan International Students
Date Here Welcome University of Michigan International Students U.S. Banking System Overview Banking is regulated by federal and state governments Privacy Disclosure Fraud protection Protection against
More informationMEASURING & PRICING THE COST DRIVERS OF A CYBER SECURITY RISK EVENT
MEASURING & PRICING THE COST DRIVERS OF A CYBER SECURITY RISK EVENT IOWA ACTUARIES CLUB 2/25/16 EDUCATION DAY PRESENTED BY KEITH BURKHARDT, V.P. KRAUS-ANDERSON INSURANCE Overview I. Why are cyber security
More informationIdentity Theft Victim s Packet
Revised April 2010 Identity Theft Victim s Packet Information and Instructions This packet is to be completed once you have contacted the El Paso County Sheriff s Office and obtained a police report number
More informationHIPAA and Lawyers: Your stakes have just been raised
HIPAA and Lawyers: Your stakes have just been raised October 16, 2013 Presented by: Harry Nelson e: hnelson@fentonnelson.com Claire Marblestone e: cmarblestone@fentonnelson.com AGENDA Statutory & Regulatory
More informationCyber Risks & Cyber Insurance
Cyber Risks & Cyber Insurance Terry Quested Executive Director Associated Risk Managers of Ohio Darren Faye Vice President Leonard Insurance / Assured Partners Legal Disclaimer The views, information and
More informationHIPAA / HITECH. Ed Massey Affiliated Marketing Group
HIPAA / HITECH Agent Understanding And Compliance Presented By: Ed Massey Affiliated Marketing Group It s The Law On February 17, 2010 the Health Information Technology for Economic and Clinical Health
More informationPrivacy and Data Breach Protection Modular application form
Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while
More informationIdentity Theft Victim s Packet
Identity Theft Victim s Packet Information and Instructions This packet is to be completed once you have contacted Reno Police Department, complete a crime report and obtained a police report case number
More informationPRIVACY POLICY: INSURANCE OPERATIONS
PRIVACY POLICY: INSURANCE OPERATIONS CAA South Central Ontario ( CAA, we, us, or our ) and its affiliated companies, including CAA Insurance Company ( CAA Insurance ), respect the privacy of your personal
More informationCitrus Valley Health Partners notifies patients of data security incident
FOR IMMEDIATE RELEASE Contact: Diane Martin Phone: (626) 813-2834 Email:dmartin@mail.cvhp.org Citrus Valley Health Partners notifies patients of data security incident COVINA, Calif., Feb. 22, 2019 Citrus
More informationCyber breaches: are you prepared?
Cyber breaches: are you prepared? Presented by Michael Gapes, Partner Overview What is cyber crime? What are the risks and impacts to your business if you are a target? What are your responsibilities do
More informationTestimony. Submitted for the Record. American Bankers Association. Financial Institutions and Consumer Credit Subcommittee
Testimony Submitted for the Record from the American Bankers Association for the Financial Institutions and Consumer Credit Subcommittee of the Committee on Financial Services United States House of Representatives
More informationJuly 21, Data Security Incident. Dear Attorney General Ferguson:
July 21, 2017 Gregory J. Bautista 914.872.7839 (direct) Gregory.Bautista@wilsonelser.com Robert W. Ferguson Office of the 1125 Washington Street SE PO Box 40100 Olympia, WA 98504-0100 securitybreach@atg.wa.gov
More informationCyber, Data Risk and Media Insurance Application form
Instructions The Hiscox Technology, Privacy and Cyber Portfolio Policy may be purchased on an a-la-carte basis. Some organizations may require coverage for their technology errors and omissions, while
More informationWe re Under Cyberattack Now What?! John Mullen, Partner/Co-founder, Mullen Coughlin Jason Bucher, Senior Underwriting Manager, Schinnerer Cyber
We re Under Cyberattack Now What?! John Mullen, Partner/Co-founder, Mullen Coughlin Jason Bucher, Senior Underwriting Manager, Schinnerer Cyber Protection Data Creates Duties What data do you access, and
More informationELECTRONIC FUND TRANSFER AGREEMENT AND DISCLOSURE
Arvest Bank ELECTRONIC FUND TRANSFER AGREEMENT AND DISCLOSURE The federal Electronic Fund Transfer Act and Regulation E require financial institutions to provide certain information to consumers (i.e.,
More informationNAU Police Department s Identity Theft Victim s Packet
NAU Police Department s Identity Theft Victim s Packet Information and Instructions This packet should be completed once you have contacted the NAU Police Department and obtained a police report number
More informationSeptember 29, 2017 VIA AND OVERNIGHT MAIL
September 29, 2017 Patrick H. Haggerty direct dial: 513.929.3412 phaggerty@bakerlaw.com VIA EMAIL (SECURITYBREACH@ATG.WA.GOV) AND OVERNIGHT MAIL Attorney General Bob Ferguson Office of the Washington Attorney
More informationJanuary to June 2016 fraud update: Payment cards, remote banking and cheque
January to update: Payment cards, remote banking and cheque October 1. Introduction Financial Fraud Action UK (FFA UK) is responsible for leading the collective fight against in the UK payments industry.
More informationIN THE CIRCUIT COURT OF THE FOURTH JUDICIAL CIRCUIT IN AND FOR DUVAL COUNTY, FLORIDA. Plaintiff, v. Case No. COMPLAINT
Filing # 77225632 E-Filed 08/30/2018 09:49:32 AM IN THE CIRCUIT COURT OF THE FOURTH JUDICIAL CIRCUIT IN AND FOR DUVAL COUNTY, FLORIDA OFFICE OF THE ATTORNEY GENERAL, STATE OF FLORIDA, DEPARTMENT OF LEGAL
More informationThe Litigation Discovery Support Group, LLC. Signature Product: Forensic Abstract
The Litigation Discovery Support Group, LLC Signature Product: Forensic Abstract Forensic Abstract Over 25 years ago, we developed an alternative investigation method that is reliable and economic. Tens
More informationInsuring your online world, even when you re offline. Masterpiece Cyber Protection
Insuring your online world, even when you re offline Masterpiece Cyber Protection Protect your online information from being an open network 97% of Chubb clients who had a claim paid were highly satisfied
More informationHIPAA vs. GDPR vs. NYDFS - the New Compliance Frontier. March 22, 2018
1 HIPAA vs. GDPR vs. NYDFS - the New Compliance Frontier March 22, 2018 2 Today s Panel: Kimberly Holmes - Moderator - Vice President, Health Care, Cyber Liability & Emerging Risks, TDC Specialty Underwriters,
More informationPreparing for California's New Privacy Law Will Make for a Busy 2019 for Legal, IT and Info Governance Departments
Preparing for California's New Privacy Law Will Make for a Busy 2019 for Legal, IT and Info Governance Departments Overview of the CCPA BY Alan Friel BakerHostetler California has enacted, effective Jan.
More informationNORTH CAROLINA ** ALTA BEST PRACTICES 2.0 ** APPROVED ATTORNEY. Resources, Policies & Procedures
NORTH CAROLINA ** ALTA BEST PRACTICES 2.0 ** APPROVED ATTORNEY Resources, Policies & Procedures February 2015 1 2 HISTORY www.northcarolina.ctt.com/bestpractices/resources.asp May 24, 2000 July 21, 2010
More informationCLEAR, ACCURATE AND CONSPICUOUS DISCLOSURE pursuant to the Federal Credit Reporting Act 15 U.S.C. Section 604 (b)(2)(a)(i):
FEDERAL REQUIREMENT: SEPARATE, SINGLE-PAGE, WRITTEN DISCLOSURE TO CONSUMER AND AUTHORIZATION BY CONSUMER FOR PROCUREMENT OF INVESTIGATIVE CONSUMER REPORT INFORMATION THROUGH A CREDIT REPORTING AGENCY 1.
More informationPAI Secure Program Guide
PAI Secure Program Guide A complete guide to understanding the Payment Card Industry Data Security Requirements (PCI DSS) and utilizing the PAI Secure Program Welcome to PAI Secure, a unique 4-step PCI-DSS
More informationOffice of Privacy Protection Safeguarding Information for Your Future
W I S C O N S I N Office of Privacy Protection Safeguarding Information for Your Future Credit report security freeze Wisconsin consumers have the right to place a security freeze on their credit reports.
More informationNORTH CAROLINA ** ALTA BEST PRACTICES 2.0 ** APPROVED ATTORNEY. Resources, Policies & Procedures. February 2015
NORTH CAROLINA ** ALTA BEST PRACTICES 2.0 ** APPROVED ATTORNEY Resources, Policies & Procedures February 2015 1 2 HISTORY www.northcarolina.ctt.com/bestpractices/resources.asp May 24, 2000 July 21, 2010
More informationCyber Risk Management
Cyber Risk Management Privacy & Data Protection Agenda 2 Introductions Risk Management 101 Defining & Quantifying a Breach Prevention, Mitigation & Transfer Strategies Finance Strategy- Cyber Insurance
More informationIC Repealed (As added by P.L , SEC.12. Amended by P.L , SEC.16; P.L , SEC.20. Repealed by P.L , SEC.379.
IC 9-22-3 Chapter 3. Salvage Motor Vehicles IC 9-22-3-0.5 (As added by P.L.219-2005, SEC.12. Amended by P.L.150-2009, SEC.16; P.L.259-2013, SEC.20. by P.L.198-2016, SEC.379.) IC 9-22-3-1 Guidelines for
More informationDrexel and FMFCU. Presented By
Drexel and FMFCU www.fmfcu.org/drexel Identity Theft & Fraud Identity Theft & Fraud Don t Be The Next Victim! Identity Theft & Fraud What is Identity Theft? Leading Generation Targeted Federal Trade Commission
More informationCHAPTER 22 MANDATED POLICIES ARTICLE I IDENTITY THEFT PREVENTION POLICY
CHAPTER 22 MANDATED POLICIES ARTICLE I IDENTITY THEFT PREVENTION POLICY 22-1-1 COMPLIANCE WITH FEDERAL LAW. The Village is committed to comply with the Federal Fair and Accurate Credit Transactions Act
More informationHow to Freeze Your Credit Files
Avoid Identity Theft! How to Freeze Your Credit Files County of Bucks Department of Consumer Protection/ Weights and Measures 1260 Almshouse Rd., 4th Floor Doylestown, Pa. 18901 215-348-6060 1-800-942-2669
More informationDesigning Privacy Policies and Identifying Privacy Risks for Financial Institutions. June 2016
Designing Privacy Policies and Identifying Privacy Risks for Financial Institutions June 2016 Program Overview Regulatory Environment Who Needs a Privacy Program and Common Questions Components of a Comprehensive
More information