A Department of Health and Human Services division that administers funding, training and other services to children and families is putting sensitive data at high risk because of gaps in cloud security controls and practices, according to a watchdog agency report.
Google says it will delete web browsing data generated by 136 million individuals who used the tech giant's Chrome browser in Incognito mode as part of a proposed settlement ending a class action lawsuit alleging the tech giant had misled consumers about privacy protections.
How are U.S. telecommunications firms combating illicit location tracking being used by bad actors at home and abroad against their subscribers? That's the focus of a new call for comment from the Federal Communications Commission, which wants to know whether or not existing defenses are working.
In the latest weekly update, legal expert Jonathan Armstrong joined three ISMG editors to discuss the Department of Justice's antitrust lawsuit against Apple, ransomware payment dilemmas and AI copyright infringement fears - highlighting the intricate legal issues shaping big tech and cybersecurity.
The European Commission will scrutinize Meta's pivot to a subscription model in response to a string of rulings from data protection boards limiting the social media giant's ability to legally collect user data. Europe announced a slew of investigations into American big-tech companies.
Revenue cycle management firm MedData has agreed to a $7 million settlement in a class action lawsuit filed after an employee inadvertently uploaded and exposed the health and personal information of about 136,000 individuals on the public-facing part of GitHub for more than a year.
The House voted Wednesday to pass the Protecting Americans' Data from Foreign Adversaries Act, a bill that would provide the FCC with enhanced authorities to seek up to $50,000 in civil penalties against data brokers that sell Americans' sensitive information to countries such as Russia and China.
As quantum computing looms, experts emphasize the urgency of embracing quantum-safe strategies. They highlight the need for proactive measures to protect digital assets from future breaches, deliver long-term data security and ensure the integrity of encryption.
Federal regulators have issued updated guidance about web trackers on patient portals or other health-related websites, saying that collecting and disclosing certain information - such as device IP addresses - does not necessarily pose HIPAA violations, under some circumstances.
A Mississippi women's health clinic has filed a proposed class action lawsuit against UnitedHealth Group alleging the disruption in claims processing caused by the cyberattack on the company's Change Healthcare unit and the resulting IT outage is threatening to push the practice into bankruptcy.
Facebook's attempt to navigate European privacy regulations by giving users a fee-based opt-out from behavioral advertising triggered backlash from more than a dozen European politicians who accused the social media giant of treating human rights as a commodity.
In the latest weekly update, Grant Schneider of Venable LLP joined three ISMG editors to discuss the future of U.S. federal cybersecurity and privacy legislation, AI integration and recent CISA developments - all set against a backdrop of political complexities.
Healthcare sector organizations need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before they become potential mandates, said Kate Pierce, virtual information security officer at Fortified Heath Security.
The Spanish High Court on Monday sided with the country's data regulator, the Spanish Data Protection Agency, to uphold a three-month ban on OpenAI founder Sam Altman's controversial digital identity and cryptocurrency platform Worldcoin due to privacy concerns.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.