Weeks after the Department of Health and Human Services announced its first HIPAA enforcement action in a ransomware breach, federal regulators have reached another milestone: a $480,000 settlement in a HIPAA case centered for the first time ever on a phishing attack.
The Joint Commission is kicking off a new voluntary certification program for hospitals' "responsible use" of health data. The effort aims to help address growing privacy concerns over the secondary use of patient data by third parties for artificial intelligence initiatives and other activities.
A New York medical imaging services provider is notifying nearly 606,000 individuals that their information was potentially accessed and copied in a recent hacking incident. The entity is one of several medical imaging centers that have reported major hacking breaches in recent weeks and months.
The recently released National Security Policy emphasizes building cybersecurity resilience in the Philippines. To do this, businesses must focus on protecting identity, push for cybersecurity education and protect critical infrastructure from external cyberattacks, said CISO Charmaine Valmonte.
A senior Democrat on the Senate Intelligence Committee pledged to block Air Force Lt. Gen. Timothy Haugh from serving as director of the National Security Agency until the agency says whether it is purchasing data on U.S. citizens from data brokers, including location data and web browsing history.
A large, Seattle-based surgical group is notifying nearly 437,400 individuals that their information was potentially compromised in a ransomware and data theft incident earlier this year. The breach is part of a larger, disturbing trend in the healthcare sector in 2023.
The Indian government has exempted the national Computer Emergency Response Team from providing information to citizens under the Right to Information Act. Industry experts believe the move may dilute the agency’s public accountability and transparency.
New Jersey-based hospital group Capital Health is dealing with a network outage, caused by a cyberattack earlier this week, which is affecting some patient services. Capital Health is at least the second healthcare provider in the Garden State responding to a cyberattack this week.
New York regulators are warning millions of individuals of identity theft risks involving a data theft at a medical transcriber that has now affected patients of at least two major healthcare groups, including Crouse Health and Northwell Health in the state. Lawsuits in the case are also piling up.
Indonesian data protection experts recommend understanding the types of personal data collected and their purpose, urging companies to leverage established frameworks such as NIST and ISO 27701. These frameworks should align with the regulations of each country.
President Joe Biden's recent executive order for artificial intelligence encourages investment in AI while setting a vision for a regulatory framework to address issues involving AI technology safety, bias and other concerns in healthcare, said attorney Wendell Bartnick of the law firm Reed Smith.
European lawmakers slammed the EU executive branch's inaction after a parliamentary committee called for tougher rules designed to prevent spyware abuse across the trading bloc. More than half of European Parliament lawmakers backed a resolution demanding rapid action.
Federal regulators have smacked a New York medical center with an $80,000 penalty as part of a settlement for a HIPAA privacy breach involving the information of three patients that was exposed to a reporter and distributed nationally during press coverage in the early days of the COVID-19 pandemic.
Kalpesh Doshi, CISO at HDFC Life, shared how financial services C-suite leaders can navigate the complexities of India's Digital Personal Data Protection Bill. He is concerned about the shortage of people needed to meet new requirements and how those requirements will apply to international firms.
Britain's privacy watchdog on Friday said it will continue fighting to impose a fine on Clearview AI for allegedly violating the privacy rights of Britons after a tribunal sided with the facial recognition company by vacating a 7.5 million-pound penalty.