Feds will weigh whether cyber best practices were followed when assessing HIPAA fines
Organizations that can show they did their due diligence in protecting medical information will be better off, should a breach occur.
About SC Media
Compliance
‘Ghosts of legislations past’: Policy predictions for 2021
If 2020 brought deadlines tied to various privacy and data protection policies, then 2021 means compliance – with less leniency for companies that fall short of regulations.
Forrester offers six-step governance, risk and compliance program
In a new report on governance, risk and compliance, Forrester advises top security officials that they have to prepare for more regulations around privacy and personal control over data, especially when it comes to handling medical data during the pandemic.
Privacy 2020: From prepared to alarmed, the year the rubber hit the road
If 2019 was an opportunity for privacy advocates to push for preparation ahead of looming data protection deadlines, then 2020 was the year organizations were expected to prove themselves ready. In this second article in our Year in Review series, we consider how legal complications leave all businesses, big and small, with a heavier privacy burden than ever.
EU resolution seeks compromise from tech firms on encryption backdoors
Some on social media speculated the resolution would be binding or that legislation was imminent. Neither are true. But it’s another signal that encryption isn’t settled policy in even the privacy-protective EU.
H&M not alone: Companies often fall short in privacy protections for employees
Many businesses treat information about their own employees differently than that of customers, which could place them squarely in violation of privacy regulations.
Featured, Privacy & Compliance News and Analysis, Security News, Vulnerabilities, Web Services Security, E-Commerce Security, Website/Web Server Security
Accidental Airbnb account takeover linked to recycled phone numbers
As it turns out, websites and apps have experienced this commonplace problem for years, and companies could find themselves in violation of data security standards if users’ information were to be exposed.
George Floyd medical records breached; does ‘VIP’ data need bonus security?
Experts told SC Media that the auditing and reporting process is an important component of a health care organization’s data privacy strategy in order to catch violations, and that particular focus should be paid to “records that would be of high interest or curiosity.”
5 Steps organizations should take to ensure CCPA compliance
Now that the California Consumer Privacy Act has officially taken effect, follow these 5 steps to ensure compliance, even if your organization is outside the Golden State. According to the Identity Theft Resource Center, more than 164 million consumer records containing personally identifiable information (PII) were exposed in data breaches in 2019. Seemingly every week…
Coronavirus, Government, Privacy & Compliance News and Analysis, Security News, Website/Web Server Security
Kentucky is 6th state to disclose leak of unemployment claims amid Covid-19
Kentucky has become the sixth state to disclose a data leak related to unemployment-related forms that has taken place during the Covid-19 pandemic. The Kentucky Education & Workforce Development Cabinet (EWDC) on Thursday acknowledged that a vulnerability in its Unemployment Insurance Portal caused a data leak that allowed insurance claimants to view the identity verification…
Next post in Security News
