Tag archives: over-retention

NYDFS settles with EyeMed for $4.5 million

Photo of David Kessler (US)Photo of Susan Ross (US)By David Kessler (US) and Susan Ross (US) on Posted in Cybersecurity, Data breach
On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020.  The settlement claimed that EyeMed had committed seven violations of the NYDFS Cybersecurity Regulation, including failure to have an appropriate annual risk … Continue reading

Over-retention of personal data

Photo of David Kessler (US)Photo of Marcus Evans (UK)Photo of Susan Ross (US)By David Kessler (US), Marcus Evans (UK) and Susan Ross (US) on Posted in Compliance and risk management
Norton Rose Fulbright - Data Protection Report blogThe declining cost of electronic data storage may have caused some company executives to conclude that retaining personal data forever is “cheap.”  Perhaps the CNIL’s  €1.75 million (USD $2,051,930) penalty for over-retention will lead to a different view. The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an … Continue reading
LexBlog