U.S. tech companies are stepping up warnings to British lawmakers over a government proposal they say will fatally weaken security and privacy protections for users. The House of Lords is set to return the bill to the House of Commons after a third reading scheduled to begin Wednesday.
British lawmakers are calling on the government to speed up efforts to articulate a comprehensive artificial intelligence policy in the face of challenges ranging from bias to existential risk. Delay could erode Britain's position "as a center of AI research," the lawmakers said.
Medical device maker Medtronic MiniMed violated patient privacy by using tracking and authentication technologies such as Google Analytics and Firebase in its InPen diabetes management app and services, according to a proposed federal class action lawsuit filed this week.
A recently updated guidance document developed by an advisory group to the Department of Health and Human Services can help all types of organizations within the healthcare sector be better prepared to deal with the latest cyberthreats, said attorney David Holtzman of HITprivacy LLC.
The French data regulator is calling on operators of large-scale databases to shore up defenses against a slew of threats including nation-states and sophisticated hackers capable of exploiting the supply chain or zero-day flaws. Next year CNIL will publish a set of cybersecurity recommendations.
Four years ago, federal regulators started sending a message to healthcare entities about the need to give patients timely access to their health records. Insurer UnitedHealthcare, the 45th firm penalized for potential "right to access" violations, agreed to an $80,000 fine and corrective action.
Spain is set to launch Europe's first-ever artificial intelligence regulatory agency as the trading bloc finalizes legislation meant to mitigate risks and ban AI applications considered too risky. Madrid said its goal is to foster AI that is "inclusive, sustainable, and centered on citizens."
Two financial services giants hit by the mass attack on MOVEit file-sharing software - Prudential and Schwab - are the latest victims to face lawsuits from affected individuals. The suit filed against Prudential seeks 10 years of prepaid identity theft monitoring services instead of the usual two.
AI holds great promise for certain applications in healthcare, particularly around clinical research, but security leaders - and others involved in governance within medical institutions - must be ready for the implications, said John Frushour, CISO of New York-Presbyterian Hospital.
Recent legal actions against CISOs have spawned a debate on whether security leaders should be held accountable for security incidents. CISOs should manage this shifted liability through real-time documentation and collaboration with law enforcement, said attorney Stephen Reynolds.
Sharing information and threat intelligence "collectively" is critical in order for health and public health sector entities to be able to defeat their cyber adversaries, said Nitin Natarajan, deputy director of the Cybersecurity Information and Security Agency.
The Food and Drug Administration's newly enhanced authority over medical device security - as granted by a funding bill signed into law last year - is "transformative" in raising the bar on what is expected from makers in their product submissions to the agency, said Dr. Suzanne Schwartz of the FDA.
U.S. intelligence agencies are warning about unnamed foreign intelligence entities targeting the private space sector to steal sensitive data related to satellite payloads and disrupting and degrading U.S. satellite capabilities. They say space-related innovation is a valuable target.
The federal agency that enforces HIPAA is heavily focused on investigations of potential violations involving online tracking tools in healthcare websites that impermissibly transmit sensitive patient information to third parties, said Susan Rhodes of the Department of Health and Human Services.
Advocate Aurora Health has agreed to pay $12.25 million to settle consolidated class action claims that the Illinois-based hospital chain invaded patient privacy by using tracking codes on its websites and patient portal, according to a preliminary settlement plan in Wisconsin federal court.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.