The FDA has issued new guidance spelling out its policy for organizations using electronic health record data in FDA-regulated clinical investigations, such as studies of the long-term safety of various drugs. Among other criteria, the EHRs need to contain certain privacy and security controls, the agency says.
Silicon Valley employees are increasingly calling on executives to restrict the use of facial recognition technology, mobilized in part by the U.S. government's previous policy of separating children from parents at the border. Experts say facial recognition regulations are needed - and quickly.
Traditional server security controls were not built for ransomware, cryptojacking and other modern attacks. Paul Murray of Sophos discusses deep learning, anti-exploit technology and other key elements of the new wave of server defenses.
Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.
As part of a sweeping plan to "modernize" Medicare, federal regulators are also proposing to expand reimbursements for telehealth services. But what are the potential privacy and security concerns that healthcare providers need to address if they offer more telehealth services for patients?
An Australian company that issues identity cards for access to airports has been notifying applicants and cardholders that their personal information may have been compromised, according to a news report. Australian federal police are investigating.
The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.
As the Department of Health and Human Services explores how to spur innovation and investment in the healthcare sector, cybersecurity is among top issues that need to be addressed, some industry organizations stress.
Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.
While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.
Numerous technology firms now offer facial biometrics recognition search tools for big data sets. But information security expert Alan Woodward warns that these big data sets must be "considered and regulated very heavily" or else we'll be "living in 1984 without knowing it."
Facebook has responded to more than 2,000 questions posed by U.S. Senate and House committees with 747 pages of answers, which reveal that Facebook was still been providing special access to user data to dozens of companies, six months after it says it had stopped doing so in 2015.