As data extends well beyond on-premises infrastructure into multi-cloud and hybrid cloud environments, IT and security teams are looking for ways to better manage the entire data lifecycle. A key piece of these efforts is to reduce risk without compromising user productivity.
A variety of technology and tools exists...
In the wake of recent cyberthreats aimed at Australia's critical infrastructure, the country has adopted a new risk management program to strengthen its resilience and security in these key sectors. The new rules will help businesses prepare for, prevent and mitigate emerging threats.
Federal regulators are working on proposed rule to modify HIPAA to better safeguard the privacy of reproductive health data. The Biden administration last year already issued guidance about the application of the HIPAA Privacy Rule to information about reproductive health.
The attorneys general of Pennsylvania and Ohio have slapped a DNA testing lab with HIPAA settlements totaling $400,000 in the wake of a 2021 hack of a legacy database that affected 2.1 million individuals nationwide, including nearly 46,000 consumers in the two states.
The British government has proposed revisions to the country's main computer crime law - the 32-year-old Computer Misuse Act - to allow police to seize domains and compel data retention. While the government has promised to protect white hat hackers, it has yet to issue concrete proposals.
The U.S. government on Thursday unveiled a task force aimed at preventing advanced technology from reaching repressive regimes, including the People's Republic of China. The task force will be led by personnel in the departments of Justice and Commerce.
Chris Inglis, head of the Office of the National Cyber Director in the White House, stepped down from the position. The widely anticipated move comes as the Biden administration finalizes a national cyberspace strategy expected to call for more regulation and the disruption of malicious actors.
There are two types of companies: those that run on data and those that will run on data.
Infosec professionals will perennially be challenged with more to do than time, budget, and staffing will allow. The most effective method to address this is through prioritization, and in the case of your growing data,...
Maintaining compliance is a difficult job -- both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to comprehend the new PCI-DSS 4.0...
Cedars-Sinai Medical Center in Los Angeles has joined a growing list of organizations being sued for allegations that its use of website tracking codes is unlawfully sharing individuals' personal and health information to third-party social media and marketing companies.
On the heels of an enforcement action last week by the Federal Trade Commission, telehealth and discount prescription drug provider GoodRx now also faces a proposed class action lawsuit over its data-sharing practices with third parties and the use of website tracking code.
A Scottish school system decided not to use facial recognition in its secondary school cafeterias after international outcry. The U.K. Information Commissioner's Office said Tuesday that the North Ayrshire Council failed to obtain freely given consent for the system.
Federal regulators hit Banner Health, which operates hospitals and other care facilities in multiple states, with a $1.25 million HIPAA settlement in the wake of a 2016 hacking incident that affected nearly 3 million individuals. Banner Health will also implement a corrective action plan.
Virginia Democratic Sen. Mark Warner, who chairs the Senate Select Committee on Intelligence, says he hopes to gather support for new bipartisan legislation this year to incentivize healthcare sector entities to meet certain minimum cybersecurity standards and tackle other top security concerns.
The FTC has for the first time enforced its almost 14-year-old health data breach notification rule. It hit a telehealth and prescription drug discount provider with a $1.5 million civil penalty for failing to inform consumers that it shares their data with advertisers and other third parties.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.