Among the hundreds of responses to a federal request for comments about potential changes to the HIPAA rules were suggestions for "safe harbors" that would shelter organizations with strong security strategies from HIPAA enforcement actions after a health data breach.
A security consultancy discovered Facebook user data exposed in two different places online without authentication or encryption. The data, which is now offline, came from an Android app that purported to offer statistical information to logged-in users.
Britain's intelligence establishment has reportedly concluded that any risks posed by Chinese-built Huawei networking equipment used as part of the country's 5G rollout can be minimized if the process is appropriately managed.
The Trump administration is leading a broadside against Chinese telecommunications giants Huawei and ZTE. But concerns that Chinese networking gear could be used as backdoors for facilitating state-sponsored surveillance or disrupting critical infrastructure are not limited to America.
Federal regulators have hit a California-based healthcare provider with a $3 million HIPAA settlement related to two breaches involving misconfigured IT. It's the latest in a recent series of hefty penalties issued in HIPAA cases.
Germany's competition authority, the Bundeskartellamt, has prohibited Facebook from combining user data from different sources unless users consent, and it has also prohibited Facebook from blocking users who do not provide this consent. Facebook has one month to appeal the antitrust decision.
Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K. receiving the greatest number of notifications, according to the law firm DLA Piper.
A $3.1 million proposed settlement has been reached in a data breach class action lawsuit against Community Health Systems stemming from a 2014 cyberattack that affected 4.5 million individuals. Why are settlements in data breach cases still relatively rare?
In 2018, the Identity Theft Resource Center counted 1,244 U.S. data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data.
Apple says it has engineered a server-side fix for a flaw in its FaceTime messaging app and plans to issue a patch for clients this week. The patches will resolve a situation jokingly dubbed "FacePalm" that revealed a bug-reporting gap.
California's attorney general has slapped Aetna with a substantial financial penalty in the latest enforcement action against the health insurer following a 2017 breach involving HIV information.
Apple's conflict with Facebook this week resulted in the most effective and quickest punishment the social network has ever received over a privacy issue. But should a multi-billion dollar tech company like Apple be picking up the slack for the digital privacy enforcement failures of governments?
Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year. What's in the pipeline?
Apple has revoked Facebook's enterprise certificate, leaving the social network's employees unable to access internal iOS apps, after Facebook used it to distribute an app that monitored smartphone activity, sometimes from minors, in exchange for monthly payments. Facebook says it did nothing wrong.
Apple is preparing a fix for a serious flaw in its FaceTime software for making audio and video calls. The software can be abused to remotely eavesdrop on and view a recipient, without their knowledge, even if they don't answer the call.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.