Among the hundreds of responses to a federal request for comments about potential changes to the HIPAA rules were suggestions for "safe harbors" that would shelter organizations with strong security strategies from HIPAA enforcement actions after a health data breach.
The Federal Trade Commission is reportedly negotiating a settlement with Facebook that includes a multibillion dollar fine for its privacy failures. But the social network is alarmed about the proposed settlement agreement's terms and conditions, The Washington Post reports.
Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K. receiving the greatest number of notifications, according to the law firm DLA Piper.
The latest edition of the ISMG Security Report features an update on what U.S. intelligence chiefs told Congress this week about persistent nation-state cyberthreats, plus reports on evasion tactics used by cryptocurrency money launderers and what government CIOs have to say about security funding.
The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware.
Massive data brokers - Equifax, Experian, Illion and others - are leveraging Australia's electoral roll, which is a tightly held and valuable batch of data. While this little-known practice might sound alarming, in fact it's required under Australia's anti-money laundering and anti-terrorism rules.
Cisco is out with findings from its 2019 Data Privacy Benchmark Study, which shows the impact of GDPR compliance as well as how customers are asking more questions about how their data is secured. Cisco Chief Privacy Officer Michelle Dennedy analyzes the survey.
How do data privacy and security matters affect organizations that are contemplating a merger or acquisition? Attorney Iliana Peters offers insights into cybersecurity, data breach and compliance issues that can potentially doom a deal.
An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
With an operating system that's used by 90 percent of Fortune 500 companies, Microsoft closely monitors cyberattack trends. Joram Borenstein, general manager of Microsoft's Cybersecurity Solutions Group, discusses his top three concerns for 2019.
The number of data breach reports filed since the EU General Data Protection Regulation went into effect has hit nearly 3,500 in Ireland, over 4,600 in Germany, 6,000 in France and 8,000 in the U.K. Regulators say more Europeans are also filing more complaints about organizations' data protection and privacy practices.
What are three burning questions regarding legal and compliance issues that enterprise security leaders should ponder as they head into 2019? Ed Amoroso, former CISO of AT&T and current CEO of TAG Cyber, outlines the questions and possible answers.
As of March 1, 2019, covered entities will be required to be in compliance with the New York Department of Financial Services Cybersecurity Regulation Section 500.11, the Third Party Service Provider Security Policy. What are the key requirements? Attorney Ted Augustinos, a partner at Locke Lord LLP, outlines the new...
Financial institutions of all sizes can use a new Cybersecurity Profile tool to help them comply with a variety of regulations and implement the NIST Cybersecurity Framework, says Denyette DePierro of the American Bankers Association.