Analysis, Computer and Electronics, Information Security and Privacy

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Honor, Huawei, iFlytek, OPPO, Samsung Electronics, Tencent, Vivo and Xiaomi Technology. Data breached: <1 billion people’s data.

Data Privacy

Data Privacy Privacy Manufacturing Security

An Early Recap of Privacy in 2020: A US Perspective

Data Matters

SEPTEMBER 29, 2020

*This article was adapted from “Global Overview,” appearing in The Privacy, Data Protection and Cybersecurity Law Review (7th Ed. and first published by the International Association of Privacy Professionals Privacy Perspectives series on September 28, 2020. But COVID-19 was not the only shock to the privacy system in 2020.

Privacy

Privacy Communications Government Data breaches

HHS Releases Guidance on Audio-Only Telehealth Practices

Hunton Privacy

JUNE 29, 2022

Department of Health and Human Services Office for Civil Rights (“OCR”) released guidance to help covered entities understand how they can use remote communication technologies for audio-only telehealth in compliance with the HIPAA Privacy and Security Rules (the “Guidance”).

Computer and Electronics

Computer and Electronics Communications Privacy Encryption

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches

Data breaches Computer and Electronics Security Insurance

HHS Announces HIPAA Settlement with UMass

Hunton Privacy

NOVEMBER 30, 2016

On November 22, 2016, the Department of Health and Human Services (“HHS”) announced a $650,000 settlement with University of Massachusetts Amherst (“UMass”), resulting from alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. .

Computer and Electronics

Computer and Electronics Insurance Privacy Risk

OCR Enters into Record Settlement with Anthem

Hunton Privacy

OCTOBER 22, 2018

Attackers were able to download malicious files to the employee’s computer and gain access to other Anthem systems that contained individuals’ names, Social Security numbers, medical identification numbers, addresses, dates of birth, email addresses and employment information. prevent unauthorized access to ePHI.

Computer and Electronics

Computer and Electronics Passwords Data breaches Compliance

Malware Training Sets: FollowUP

Security Affairs

MAY 14, 2019

So, I came up with this blog post and this GitHub repository where I proposed a new testing-set based on a modified version of Malware Instruction Set for Behavior-Based Analysis , also referred as MIST. The original post along many other interesting analysis are available on the Marco Ramilli blog: [link].

Artificial Intelligence

Artificial Intelligence Computer and Electronics Honeypots Cybersecurity

GDPR and The Data Governance Imperative

AIIM

SEPTEMBER 12, 2018

This is the 12th post in a series on privacy by Andrew Pery. Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. Privacy by Design: The Intersection of Law and Technology. Obligations Analysis.

GDPR

GDPR Government Information governance Compliance

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

NOVEMBER 27, 2019

identical electronic records at both its approved premises and the EDSP (whether located in Hong Kong or elsewhere). identical electronic records at both its approved premises and the EDSP (whether located in Hong Kong or elsewhere). ensuring information security to prevent unauthorized access, tampering or destruction of records.

Cloud

Cloud Access Information Security Risk

OCR Issues Guidance on Disclosures to Family, Friends and Others

Hunton Privacy

JULY 26, 2018

Department of Health and Human Services’ Office for Civil Rights (“OCR”) provided guidance regarding identifying vulnerabilities and mitigating the associated risks of software used to process electronic protected health information (“ePHI”). HIPAA Administrative Safeguards. Report on Meltdown and Spectre vulnerabilities.

Computer and Electronics

Computer and Electronics Risk Cybersecurity Access

Department of Commerce Issues Landmark Privacy Green Paper

Hunton Privacy

DECEMBER 16, 2010

Department of Commerce Internet Policy Task Force issued its “Green Paper” on privacy, entitled “ Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.” Renewing the U.S.’s Renewing the U.S.’s

Paper

Paper Privacy Computer and Electronics Data Privacy

HHS Announces Settlements with Health Care System and Medical Research Institute over Potential HIPAA Violations

Hunton Privacy

MARCH 22, 2016

On March 16, 2016, and March 17, 2016, respectively, the Department of Health and Human Services (“HHS”) announced resolution agreements with North Memorial Health Care of Minnesota (“North Memorial”) and The Feinstein Institute for Medical Research (“Feinstein Institute”) over potential violations of the HIPAA Privacy Rule. North Memorial.

Computer and Electronics

Computer and Electronics Risk Passwords Privacy

HHS Settles First HIPAA Enforcement Action Against a State Agency

Hunton Privacy

JUNE 27, 2012

In connection with the announcement, the HHS Office for Civil Rights (“OCR”) Director Leon Rodriguez stated that OCR “expect[s] organizations to comply with their obligations under [the HIPAA Security and Privacy Rules] regardless of whether they are private or public entities.”. View the HHS resolution agreement.

Computer and Electronics

Computer and Electronics Encryption Risk Compliance

OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials

Hunton Privacy

JUNE 12, 2017

notifying OCR of the breach as soon as possible, but no later than 60 days after the discovery of a breach affecting 500 or more individuals. The report concludes by providing a list of key resources and best practices for addressing cybersecurity threats that were gleaned from studying the financial services and energy sectors.

Cybersecurity

Cybersecurity Computer and Electronics Education Financial Services

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

Advances in the use of polymers revolutionized everything from food packaging to electronics, telecommunication and medicine. But how exactly will artificial intelligence help bridge the information security skills gap? They won with Mayhem, an assisted intelligence application security testing solution.

Security

Security Artificial Intelligence Computer and Electronics Libraries

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Dave Kennedy started as forensic analysis and cyber warfare specialist in the US Marine Corps before entering the enterprise space. Dave Kennedy | @hackingdave.

Cybersecurity

Cybersecurity e-Discovery Passwords Information Security

European Cybersecurity in Context: A Policy-Oriented Comparative Analysis

Security Affairs

AUGUST 22, 2022

I’m proud to have contributed to the “ European Cybersecurity in Context: A Policy-Oriented Comparative Analysis “ Worldwide connectivity has unleashed global digitalisation, creating cross-border social networks for communicating and spreading information. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Computer and Electronics Artificial Intelligence Communications

Information Management Today

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

An Early Recap of Privacy in 2020: A US Perspective

Webinars

Trending Sources

HHS Releases Guidance on Audio-Only Telehealth Practices

Webinars

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

HHS Announces HIPAA Settlement with UMass

OCR Enters into Record Settlement with Anthem

Malware Training Sets: FollowUP

GDPR and The Data Governance Imperative

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

OCR Issues Guidance on Disclosures to Family, Friends and Others

Department of Commerce Issues Landmark Privacy Green Paper

HHS Announces Settlements with Health Care System and Medical Research Institute over Potential HIPAA Violations

HHS Settles First HIPAA Enforcement Action Against a State Agency

OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

Top Cybersecurity Accounts to Follow on Twitter

European Cybersecurity in Context: A Policy-Oriented Comparative Analysis

Stay Connected