Google and the University of Chicago Medical Center have filed motions to dismiss a class action lawsuit that alleges patients' records were not properly de-identified by the hospital before they were shared with Google for research. Legal experts offer an analysis of the privacy case.
Paige A. Thompson, who's been arrested on a charge of hacking into Capital One's network and taking the personal and financial data of 106 million individuals, is also suspected of stealing information from over 30 other organizations, according to new court documents.
U.S. organizations were barely GDPR compliant in 2018, when California unveiled its own privacy legislation, the California Consumer Privacy Act, which goes into effect on Jan. 1, 2020. Yet, this is but one of several privacy laws being enacted across the U.S., and it poses many questions about the role of security to...
Risks associated with cyber security incidents and business interruption are major concerns for companies worldwide. Improperly managed, cyber security incidents like ransomware can bring companies to a standstill and the resulting financial losses can have a substantial impact. Using real life examples, learn how...
Whether you're a large enterprise that has experienced a headline data breach or a midmarket organization that has just been paralyzed by ransomware, you share points in common. Which law enforcement agency do I call after the incident has been discovered? What do I do - and not do with the affected systems? What...
Australia's fair trading regulator says it's seeking penalties against HealthEngine, an online platform for booking medical appointments, for allegedly selling patient details to private health insurance brokers without disclosure and embellishing patient reviews of healthcare providers.
It's been more than two months since lab companies began revealing they had patient data exposed in a data breach at American Medical Collection Agency. But new victim organizations are continuing to emerge, bringing the total to about 18.
More lawsuits have been filed in the wake of the Capital One breach that exposed the data of more than 100 million individuals. GitHub is also a target of one of those lawsuits, which alleges the code-sharing site failed to promptly remove breached data.
The latest edition of the ISMG Security Report analyzes the root causes of the Capital One data breach. Also featured: breach remediation advice and compliance with New York's new third-party risk management requirements.
Cisco has agreed to pay $8.6 million to settle a whistleblower lawsuit that claimed the networking company sold video surveillance software to local, state and federal agencies over a six-year period that contained serious security vulnerabilities.
A federal judge has granted preliminary approval for a $74 million settlement of a consolidated class action lawsuit against health insurer Premera Blue Cross stemming from a 2014 data breach that affected 11 million individuals. More money will go to security enhancements than to victim reimbursement.
The U.S. Justice Department and the Federal Trade Commission officially announced a privacy settlement with Facebook that includes a record-setting $5 billion fine. As part of the agreement, CEO Mark Zuckerberg must submit quarterly and annual reports to show that the company is in compliance with the FTC order.
Given the massive impact of the Equifax data breach, is the recently announced proposed settlement fair? One consumer advocate calls the money to be paid out by the consumer reporting agency the equivalent of a "parking ticket." Here's an analysis of the settlement's terms.
The list of laboratories and other healthcare clients affected by the data breach at American Medical Collection Agency continues to grow - as does the number of patients whose data may have been exposed. Here's the latest tally.