The head TikTok has been summoned by European lawmakers from different parliamentary committees for an inquiry into its privacy practices. In a letter sent to TikTok CEO Shou Zi Chew on Thursday, the heads of five European Parliament committees requested that Chew appear for an in-person probe.
A recent attack by a Russian ransomware-as-a-service group that stole the personal information of 2.5 million patients of McLaren Health Care has triggered at least three proposed federal class action lawsuits in recent days, claiming the healthcare company failed to protect patient privacy.
The Ukrainian government says it will regulate AI, a step it portrays as a way to draw closer to the European Union, where rules for AI systems are close to approval. New rules will enable access to global markets and closer integration with the EU, the Ministry of Digital Transformation said.
Firms using large language models that power gen AI-powered tools must consider security and privacy aspects such as data access, output monitoring and model security before jumping on the bandwagon, said Troy Leach of Cloud Security Alliance. "Everything is going to be AI as a service," Leach predicted.
In the latest weekly update, ISMG editors examine policies in the U.S. and Europe that could regulate AI, recent developments within the EU cybersecurity and privacy policy arena, and the disparities between the perspectives of business leaders and cybersecurity leaders on the security landscape.
America's largest hospital lobbying group says Congress should pressure health regulators into retracting a warning that online trackers embedded into patient portals could violate medical privacy law. Sen. Bill Cassidy, R-La., is seeking feedback for potential improvements to HIPAA.
Experts discuss the top things that companies, board directors and cyber leaders need to do now to be ready for compliance since the SEC fast-tracked adoption of its cybersecurity disclosure rules.
Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must also enhance its security and not misrepresent its data security practices.
The SEC has pushed forward their disclosure rules, regarding cybersecurity risk management, strategy and governance. Additionally, they are requiring a two-part disclosure requirement for both annual and significant events statements.
Download this guide to help you:
Create a comprehensive roadmap and plan to...
More than four dozen cybersecurity mavens say a proposed European Union mandate for software publishers to inform the trading bloc's cybersecurity agency of zero-day exploits within 24 hours of their discovery risks harming cybersecurity efforts.
Revenue cycle management firm Arietis Health is notifying the patients of 55 healthcare practices across several states that their sensitive information has been potentially compromised in a hack of Progress Software's MOVEit file transfer application. What can entities learn from these breaches?
French lawmakers on Wednesday will mull limits on virtual private networks as part of an anti-cybercrime measure that would also require web browsers to notify users when they access websites listed on a government blacklist. The bill, widely known as SREN, passed the French Senate in June.
Ransomware-as-a-service gang Alphv/BlackCat claims to have stolen 6 terabytes of data on 2.5 million patients in a recent attack on Michigan-based McLaren Health Care, which operates 13 hospitals and a network of cancer centers. The incident is part of the group's rash of recent attacks.
The head of a key European Parliament committee said he's concerned about media reports suggesting that a proposal mandating that instant messenger apps scan for CSAM was crafted under the influence of an American tech foundation and a nonprofit with ties the British and U.S. government.
It’s not uncommon for hospitals and health systems to have questions about what they need to do when it comes to technical testing to be in compliance with the HIPAA Security Rule. Unfortunately, there is no one-size-fits-all answer for every organization, and there's much more to technical testing than checking a...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.