After several moves by Democrats to introduce federal privacy legislation, Republican Senator Roger Wicker on Tuesday unveiled a draft consumer privacy bill, the United States Consumer Data Privacy Act of 2019, that would override various state laws on privacy, including the California Consumer Privacy Act.
Your best bet to avoiding the potentially exorbitant costs of a vendor hack is to not have one in the first place. A solid vendor risk management program, backed up by technology, policies, and procedures is the best protection. Good review and audit processes can catch any vendor-related problems before they become...
Two vendors serving the healthcare sector have been targeted with breach-related lawsuits. Experts say the incidents at the center of these cases showcase the potential risks posed by vendors.
Getting the proper vendor contracts completed is a top concern for organizations preparing to comply with the California Consumer Privacy Act, says Caitlin Fennessy, research director at the International Association of Privacy Professionals.
Federal regulators have slapped Norfolk, Va.-based Sentara Hospitals with a $2.2 million HIPAA settlement for improperly reporting a breach and lacking a business associate agreement.
Victims of a massive 2018 Facebook data breach can continue a class-action lawsuit to try and force the social network to maintain "reasonable" information security practices, a federal judge has ruled. But he dismissed the plaintiff's attempt to receive monetary compensation for the breach.
The notorious Joker's Stash carder marketplace has a fresh listing for payment card data that appears to have been stolen from four different U.S. restaurant chains, security experts warn.
An audit from the U.S. Energy Department's Inspector General finds that the agency is prone to making the same cybersecurity mistakes year-after-year. This includes exposing critical infrastructure, including nuclear facilities, to outside hacking and attacks.
With the California Consumer Privacy Act set to go into effect Jan. 1, 2020, companies are making last-minute compliance preparations. But these preparations are challenging because regulations to carry out the law are still pending and ambiguities remain. Here's a look at three issues.
Twitter users no longer have to supply a phone number in order to use two-step verification for authentication. The move will better protect accounts from SIM hijacking attempts and also means users don't have to sacrifice some of their privacy to enable a security feature.
Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach. Find out how much money the company is seeking.
Two rules proposed by federal regulators could provide significant help to strengthen cybersecurity in the healthcare ecosystem, says regulatory attorney Julie Kass of the law firm Baker Donelson.
The long-awaited Personal Data Protection Bill is ready to be tabled in Parliament during this winter session. Organizations across geographies are still struggling to understand the nuances of the European Union's General Data Protection Bill and the California Consumer Protection Act.
Indian enterprises are...
The latest edition of the ISMG Security Report offers an in-depth analysis of whether Instagram is doing enough to protect the contact information of minors. Plus: Compliance updates on GDPR and PCI DSS.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
