HHS is considering making changes to federal privacy regulations governing health data - including HIPAA and the 42 CFR Part 2 law. While regulatory experts are already debating whether changes to HIPAA are, indeed, needed, many say changes to the 42 CFR Part 2 are long overdue.
Facebook is making substantial investments to improve its data security and privacy practices. But the long-term cost of those investments and impact on the bottom line has spooked investors, leading to a $120 billion loss in market value on Thursday, the largest one-day loss of value for a U.S. traded company.
A proposed settlement of a class action lawsuit against an Alabama hospital provides a total of up to $150,000 in relief to more than 1,200 individuals affected by a breach involving a former employee who was convicted of identity theft that led to federal tax refund fraud. What's unusual about the case?
Under the EU's General Data Protection Regulation, within 72 hours of an organization learning about the data breach, it must report the breach to relevant authorities or face fines. The U.K.'s data privacy watchdog says it's already seen the volume of self-reported breaches quadruple.
At Infosecurity Europe 2018, Information Security Media Group conducted dozens of video interviews with industry thought leaders. Here are the highlights.
This white paper looks at how payment innovation is impacting fraud departments and the growing importance of removing friction to improve the customer experience. The mobile and online channels are the future; being able to authenticate returning customers and determine who new applicants really are will be essential...
The National Cybersecurity Center of Excellence (NCCoE) at NIST has created a series of free resources touting best industry practices that utilize the latest technology, automation and system controls to guide industry professionals through minimizing their cyber risks and identifying threats. These practices go a...
A Spanish consumer rights organization says telecommunications company Telefónica has fixed an elementary security error in its Movistar website that potentially exposed billing invoices for millions of customers. Telefónica says it hasn't detected fraudulent use of the data.
Compliance regulations such as SWIFT and GDPR can be challenging to understand and implement. Many of these regulations have cybersecurity requirements that are focused on protecting critical banking infrastructure with aggressive timelines - and without disrupting the very business-critical systems you're trying to...
The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.
Look at information security through the lens of business risk, and you'll begin to make decisions about security in light of their impact on the business.
With security threats emerging faster than ever, what if your most important information is not protected? What strategic business advantage do you gain if it is...
Risk managers in particular have a vested interest in ensuring their organizations are in ongoing compliance with GDPR.
If you are concerned about your organization's GDPR compliance, download this guide and learn:
A history and background of the GDPR;
A number of noteworthy compliance indications;
Six...
Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.
While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.