New legislation introduced by Sen. Ron Wyden, D-Ore., would "bring meaningful punishments for companies that violate people's data privacy, including larger fines and potential jail time for CEOs," he says. But can Congress agree on a privacy law?
Enforcing patients' rights under HIPAA to access their health information - including via health apps - is a top policy initiative at the HHS Office for Civil Rights, Director Roger Severino said in a Wednesday presentation. He also said a $2.1 million HIPAA penalty would be announced soon.
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.
In the wake of a federal appeals court ruling last year vacating a Federal Trade Commission enforcement action against LabMD, the FTC's data security consent orders are becoming far more detailed and rigorous, says former FTC attorney Julie O'Neill.
Gov. Gavin Newsom has signed into law six amendments to the California Consumer Privacy Act as well as another bill updating the state's long-standing data breach law. Meanwhile, draft CCPA implementation regulations have been unveiled.
Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A. Thompson, citing the overwhelming amount of digital evidence in the case and the ongoing forensics investigation. Prosecutors also expect to file additional charges.
The personal data of Mississippi citizens is susceptible to breaches because many state agencies, universities and other organizations are failing to comply with all the mandates of the state's cybersecurity law, according to a report issued by the Office of the State Auditor.
What should healthcare organizations know about complying with the breach notification and data security requirements of New York's SHIELD Act? And how does the new law compare with HIPAA? Jon Moore, chief risk officer at consulting firm Clearwater, explains.
Twitter apologized on Tuesday for repurposing phone numbers provided by users for security features for use in targeted advertising, claiming the move was a mistake. Earlier, Facebook was reprimanded for a similar practice.
Ransomware attacks are among the largest incidents added to the federal tally of major health data breaches in recent weeks. Attacks on a variety of clinics affected a total of more than 1 million individuals.
Compliance with the European Union's General Data Protection Regulation is no guarantee of compliance with other privacy regulations, says Fatima Khan of Okta, who discusses the challenges.
The California Consumer Privacy Act could cost companies in the state a total of $55 billion for initial compliance expenses, according to a new study prepared for the state attorney general's office. The landmark privacy legislation is slated to go into effect on Jan. 1, 2020.
What's it like to serve in the dual roles of CISO and DPO? Gregory Dumont, who has both responsibilities at SBE Global, a provider of repair and after-sales service solutions to the electronics and telecommunication sectors, explains how the roles differ.
A dental practice in Texas that responded to patients' Yelp reviews by disclosing patient names and other health information has gotten a bad review from federal regulators: A $10,000 HIPAA monetary settlement and a corrective action plan.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
