Settlement Reached With Nationwide Regarding Data Breach
Attorney General
The settlement requires Nationwide to take a number of steps to both generally update security practices and to ensure the timely application of patches and other updates to security software. Nationwide must also hire a technology officer responsible for monitoring and managing software and application security updates. The tech officer will supervise employees responsible for evaluating and coordinating the maintenance, management and application of all security patches and software and application security updates.
Nationwide agrees to take steps during the next three years to strengthen its security practices, including:
* Updating procedures and policies relating to the maintenance and storage of consumers' personal data;
* Conducting regular inventories of the patches and updates applied to its systems, performing internal assessments of patch management practices and hiring an independent provider to perform annual audits; and
* Maintaining and utilizing system tools to monitor the health and security of systems used to maintain personal information.
Many of the consumers affected by the data breach never became Nationwide insured, but the company retained these consumers' data to more easily provide the consumers re-quotes at a later date. The settlement requires Nationwide to be more transparent about data collection practices by requiring the disclosure to consumers that Nationwide retains personal information even if the consumers do not become customers.
In addition to
To view a copy of the settlement, click here (http://myfloridalegal.com/webfiles.nsf/WF/JMAR-AQ3LEE/$file/Nationwide+AVC.pdf).
Ambetter Confirms Participation in NH Exchange in 2018
Attorney General Stein Wins $120,000 for North Carolina Over Nationwide Data Breach
Advisor News
Annuity News
Health/Employee Benefits News
Life Insurance News