California's legislature has quickly introduced and passed new privacy legislation, making the state's laws the strongest in the U.S. The new law gives consumers a raft of new rights, and aims to bring more transparency to the murky trade in people's personal information.
What are hot cybersecurity topics in Scotland? The "International Conference on Big Data in Cyber Security" in Edinburgh focused on everything from securing the internet of things the rise of CEO fraud to the origins of "cyber" and how to conduct digital forensic investigations on cloud servers.
Australian medical booking service HealthEngine says late Friday it notified 75 users of a breach that may have exposed some identifying information. The data breach is the latest in a string of problems for HealthEngine, which was caught tampering with patient reviews and using questionable marketing tactics.
Privacy rights groups are calling on the Court of Justice of the European Union to clamp down on at least 17 EU governments that require domestic telecommunications firms to store all communications data, despite the court having ruled that such mass surveillance practices are illegal.
The U.S. Supreme Court has ruled that location data generated by mobile phones is protected by the Fourth Amendment, meaning police need "probable cause" before they can access it. The ACLU says the ruling "provides a groundbreaking update to privacy rights" in the digital age.
Australia's large online medical booking platform, HealthEngine, has become embroiled in a privacy controversy after it reportedly passed personal medical details to a personal injury law firm. HealthEngine maintains it obtained users' consent, but the revelation appears to have caught many by surprise.
A federal court recently dismissed a case filed by a patient alleging a laboratory violated HIPAA by failing to shield her personal health information from public view. The ruling once again reaffirmed a longstanding precedent that individuals cannot sue for alleged HIPAA violations.
Europe's General Data Protection Regulation is reshaping the way organizations handle data. That's going to have an impact on the sharing of threat intelligence. But the Anti-Phishing Working Group hopes the law will provide legal clarity that will make more organizations comfortable with sharing threat data.
Addressing an important privacy issue, federal regulators have issued guidance to clarify details about how patients should authorize the use or disclosure of their protected health information for future research - and their right to revoke that authorization.
Phishing remains the top attack vector, and an organization's people of course remain the top target. But how can these same people be leveraged as a key component in your anti-phishing defense? Kurt Wescoe of Wombat shares insight.
When June arrives in the United Kingdom, that means it's time for the annual Infosecurity Europe conference in London. Here are visual highlights from this year's event, which featured 240 sessions, 400 exhibitors and an estimated 19,500 attendees.
A breach involving misdirected emails to nearly 56,000 patients allegedly tied to a sorting error by a business associate has taken an unusual twist: The organization involved, Dignity Health, is asking for patients' help in mitigating the privacy mishap. But could that move prove to be counterproductive?
What impact will an appellate court's ruling Wednesday that vacated the Federal Trade Commission's data security enforcement action against LabMD have on the agency's long-term enforcement activities? Regulatory experts are weighing in.