According to findings from the Identity Theft Resource Center's 2023 Q1 Data Breach Report, the number of publicly reported data compromises decreased, but the number of data breaches with no actionable information about the root cause of the compromise grew.
A top HIPAA-enforcement priority for regulators is cracking down on entities that disclose patient information to third parties without permission through the use of website tracking codes, says Melanie Fontes Rainer, director of the Department of Health and Human Services' Office for Civil Rights.
Healthcare entities need to think more strategically about managing risk by implementing a robust cybersecurity framework such as the National Institute of Standards and Technology's CSF, said Bob Bastani, cybersecurity adviser at the Department of Health and Human Services.
Major internet chat platforms are urging the United Kingdom government to reconsider a bill intended to decrease exposure to online harms but which opponents say would open the door to massive government surveillance. Proponents say online platforms should have a duty of care to protect users.
Members of a European Parliament committee heard Thursday an assessment warning them that a bill intended to fight child sexual abuse material would instead weaken online security. The Child Sexual Abuse Material proposal faces a barrage of opposition from industry and civil liberty groups.
An online alcohol abuse counseling service is notifying about 109,000 clients of a data breach involving the company's prior use of tracking tools on its websites dating back to 2017. The breach affects members of Monument Inc. and Tempest, a counseling service acquired in May 2022.
Federal regulators have issued proposed changes to the HIPAA privacy rule aimed at protecting reproductive healthcare information from disclosures or uses involving law enforcement and related purposes in the wake of the Supreme Court last year overturning Roe v. Wade.
Regulators are scrutinizing the use of website tracking codes and analytics such as Meta Pixel and Google Analytics. Health entities must carefully assess how those tools are being used on their health-related websites, say privacy attorneys Cory Brennan of Taft and Mark Swearingen of Hall Render.
OpenText, Varonis and Forcepoint joined Google and Microsoft atop Forrester's data security rankings, while Trellix and Broadcom fell from the leaders category. Data protection historically focused on delivering security controls, but firms are increasingly looking to address adjacent use cases.
A British government agency added to TikTok's reputational woes by finding it failed to protect children's privacy. TikTok is playing defense in multiple Western countries against concerns it collects massive amounts of data it could use for surveillance or information operations.
Three healthcare organizations joined the list of entities treating past use of tracking technologies in patient websites as a data breach reportable to federal authorities. The entities admitting such incidents are New York-Presbyterian Hospital, UC San Diego Health and Brooks Rehabilitation.
Online counseling provider BetterHelp is facing at least three proposed class action lawsuits following its recent enforcement action by the FTC. Plaintiffs allege a variety of claims against the company, including invasion of privacy, violations of federal and state laws, and "outrageous conduct."
A now-patched bug that caused OpenAI to take down the ChatGPT chatbot for nine hours on Monday also revealed the last four digits of payment cards, the company disclosed Friday. One user said he saw the history of another account including the topics "phobia of rats" and "sexist music video clips."
Medical device maker Zoll Medical is facing at least seven proposed class action lawsuits filed since it revealed two weeks ago that the data of 1 million individuals had been caught up in a hacking incident involving the company's internal network.
TikTok CEO Shou Chew appeared Thursday before the U.S. congressional panel to defend his company against accusations that it's imperiling Americans' national security, privacy and mental health. Lawmakers pressed Chew on the company's Chinese ownership, source code and privacy practices.