Archives: Financial Services

Subscribe to Financial Services RSS Feed

Personal Data from Thousands of Pension Plan Accounts Breached…Third-Party Service Provider Blamed

One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case, unfortunately, for approximately 30,000 Now:Pensions customers whose names, postal and email addresses, birth dates and the equivalent of … Continue Reading

Is Personal Information of Retirement Plan Participants an ERISA Plan Asset?

By Joseph J. Lazzarotti on July 9, 2020 Posted in: California Consumer Privacy Act, Employee Benefit Plans, Financial Services, Identity Theft, Information Risk, Third Party Service Providers, Workplace Privacy, Written Information Security Program

A little more than one year ago, we reported on a settlement (Cassell et al. v. Vanderbilt University, et al.) involving the alleged wrongful use of personal information belonging to retirement plan participants, claimed to be “plan assets.” This year, similar claims have been made against Shell Oil Company in connection with its 401(k) plan. Retirement … Continue Reading

Professional Tax Preparers – You Need A Written Information Security Plan, Says the IRS and FTC

By Joseph J. Lazzarotti on December 6, 2019 Posted in: Consumer Privacy, Data Breach Notification, Data Security, Financial Services, Identity Theft, Information Management, Information Risk, Written Information Security Program

Tax season soon will soon be upon us and many not-so-eager taxpayers will share sensitive personal information about themselves, their dependents, their employees, and others with their trusted professional tax preparers for processing. What many of these preparers might not realize is that federal law and a growing number of state laws obligate them to … Continue Reading

Response to Yelp Review Costs Small Dental Practice $10,000 and Two Years of Monitoring to Settle HIPAA Complaint

By Joseph J. Lazzarotti on October 2, 2019 Posted in: Consumer Privacy, Featured, Financial Services, GDPR, Health Information Technology, HIPAA, Information Risk, Online Privacy, Photos, Videos and Surveillance

No business likes to receive bad reviews on Yelp® or anywhere else in social media. When they do, some feel the need to respond to clarify or rebut the reviews, but they must do so carefully. This is particularly true for HIPAA covered entities, as their responses could include protected health information (PHI). A recent … Continue Reading

Licensed by Your State’s Insurance Commissioner? Comprehensive Data Security Requirements Are Headed Your Way

By Joseph J. Lazzarotti on August 9, 2019 Posted in: Consumer Privacy, Data Breach Notification, Data Security, Financial Services, Information Risk, Written Information Security Program

Most businesses in the insurance industry have one thing in common – they collect and maintain significant amounts of sensitive, nonpublic information including personal information. Not surprisingly, insurance-related businesses are a target of cyberattacks and a few have faced some of the largest data breaches reported to date. Beyond the headlines, however, small and mid-sized … Continue Reading

SEC Issues Privacy and Data Security Risk Alert

By Joseph J. Lazzarotti on April 18, 2019 Posted in: Consumer Privacy, Data Security, Financial Services, Information Management, Information Risk, Third Party Service Providers, Uncategorized, Written Information Security Program

Following recent examinations of SEC-registered investment advisers and broker-dealers, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) published a privacy risk alert on April 16, 2019. OCIE is hoping to remind advisers and broker-dealers about providing compliant privacy and opt-out notices, and adopting and implementing effective policies and procedures for safeguarding … Continue Reading