Tag archives: over-retention

NYDFS settles with EyeMed for $4.5 million

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020.  The settlement claimed that EyeMed had committed seven violations of the NYDFS Cybersecurity Regulation, including failure to have an appropriate annual risk … Continue reading

Over-retention of personal data

Norton Rose Fulbright - Data Protection Report blogThe declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.”  Perhaps the CNIL’s  €1.75 million (USD $2,051,930) penalty for over-retention will lead to a different view. The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an … Continue reading
LexBlog