Recent additions to the federal health data breach tally shine a light on the mistakes that contribute to breaches - and in some cases, make situations far worse.
WhatsApp has agreed to appoint a grievance officer for India who will handle complaints about fake news. The nation's government had demanded the action in the wake of recent mob violence triggered by fake news spread on the social media platform. But will the appointment have a significant impact?
Twitter has fixed a bug that sometimes sent a user's direct messages not only to the specified recipient, but also to unrelated external developers. The social networking service is notifying more than 3 million affected users and has requested that unintended recipients delete the messages.
As CISOs, CIOs and privacy officers look for ways to boost the timely, secure sharing of healthcare information to improve treatment, one obstacle that potentially stands in the way is CFR-42 Part 2, a 1970s-era regulation. Dozens of healthcare organizations are pushing Congress to change that regulation.
The latest edition of the ISMG Security Report takes a look at the EU's General Data Protection Regulation, including the outlook for enforcement and common misconceptions about its provisions.
HIPAA privacy violations can come in many forms. Case in point: Federal regulators have smacked three Boston hospitals with settlements totaling nearly $1 million for allowing crews for the documentary TV show "Save My Life: Boston Trauma" to film on their premises without obtaining authorization from patients.
Credit bureau Equifax has been hit with the maximum possible fine under U.K. law for "multiple failures" that contributed to its massive 2017 data breach, including its failure to act on a critical vulnerability alert issued by the U.S. Department of Homeland Security.
Criminals operating online continue to target cryptocurrencies, leverage phishing and other social engineering attacks, as well as tweak age-old scams - including Nigerian prince emails - for the modern age. So warns Europol in its latest Internet Organized Crime Threat Assessment.
Richard Henderson of Infosec Global discusses the impact of the European Union's General Data Protection Regulation and how the law is influencing privacy frameworks globally.
Attorney Elizabeth Harding clears up confusion about certain provisions of the EU's General Data Protection Regulation, including the issue of when organizations need to obtain a European consumer's consent to process their data.
Making bigger advances in implementing nationwide health information exchange will require a multipronged effort, including getting patients more involved and using a variety of technical approaches, says Scott Stuewe, the new president and CEO of DirectTrust.
Less than four months after GDPR enforcement began, Europe has arguably entered the modern data breach notification era. Reports of data breaches continue to increase, and breached organizations now face the specter of class-action lawsuits over material as well as non-material damages.
Should Europe's "right to be forgotten" apply worldwide? That's the focus of a case before the EU's highest court, which has pitted proponents - including Austria and France - against Google, Microsoft and the European Commission, who argue that the EU law provision should only apply in Europe.
A recent incident involving a chronic care management company spotlights how paying a ransom to recover decryption keys from ransomware attackers can put sensitive data at additional risk. Security experts offer insights on how to prepare for the many challenges posed by attacks.
Nearly one-third of U.S. banking consumers use online and mobile fintech apps to help manage their money. But those users are concerned about data privacy and want more control over the financial data their apps can access, says David Fortney of The Clearing House, who reviews the results of a survey.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
