Insurance Data Security

Top Ten Takeaways from California AG’s Healthcare AI Advisory

January 15, 2025 By Daniel Felz, Jennifer Everett and Sara Pullen Guercio

On January 13, 2025, California Attorney General (“AG”) Rob Bonta issued an advisory describing providers’ and businesses’ obligations related to the development, sale, and use of artificial intelligence (“AI”) and automated decision systems (“ADS”) in the healthcare industry (“Advisory”). The Advisory puts healthcare providers, insurers, and businesses serving the healthcare industry on notice of the […]

CISA Releases Advisory Concerning Chinese-Backed Threat Actor

October 9, 2023 By Kim Peretti

On September 27, 2023, The U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japanese National Police Agency (NPA), and the Japanese National Center of Incident Readiness and Strategy for Cybersecurity (NISC) released a joint cybersecurity advisory (CSA) concerning the recent activity of […]

New York and Illinois Regulators Recommend Third Party Cybersecurity Review For Specific Vulnerabilities

May 21, 2021 By James Harvey and Privacy, Cyber & Data Strategy Team

This month, the Illinois Department of Insurance issued guidance to insurers recommending assessments in response to a Microsoft Exchange vulnerability, detailed in the guidance. In the Bulletin dated May 5, the Department encourages regulated entities to “assess the risk to their systems and consumers and take steps necessary to address vulnerabilities and customer impact.” The […]

NYDFS Announces Cybersecurity Settlement, Addresses Multi-Factor Authentication Rules

April 16, 2021 By Privacy, Cyber & Data Strategy Team

On April 14, 2021, the New York Department of Financial Services (“NYDFS”) announced a settlement with National Securities Corporation (“National Securities”), a licensed insurer, in connection with claims under the NYDFS Cybersecurity Regulation (23 NYCRR Part 500). The consent order requires payment of a $3M penalty and mandatory remediation in response to alleged failures to […]

Alston & Bird Analyzes New California Privacy Rights Act in Client Alert

November 4, 2020 By Privacy, Cyber & Data Strategy Team

Yesterday, California voters approved a ballot initiative containing the California Privacy Rights Act of 2020. The ballot initiative significantly revises the existing California Consumer Privacy Act to create arguably the most comprehensive state privacy law in the United States. Alston & Bird has now issued a client alert explaining key impacts of this law. The […]