United States

Topic: data protection

Subscribe to data protection RSS feed

New York State imposes a $1.5 million penalty in cybersecurity breach case

On March 3, 2021, the New York Department of Financial Services (NYDFS) announced a Consent Order with a NYDFS-licensed Maine-based mortgage banker and loan servicer settling alleged violations of the NYDFS cybersecurity regulations. (In the matter of Residential Mortgage Services, Inc., March 3, 2021). As a result of the regular safety and soundness examination of … Continue Reading

US banking regulators propose a rule for 36-hour notice of breach

On December 18, 2020, the US Department of the Treasury (Office of the Comptroller of the Currency), Federal Reserve Board and Federal Deposit Insurance Corporation (FDIC) jointly announced a 53-page proposed rule that would require banks to notify their regulators within 36 hours of a “computer-security incident” that rises to the level of a “notification … Continue Reading
LexBlog