Ransomware Attack on Refuah Health Compromised the Data of 250,000 New Yorkers

New York Attorney General Letitia James has reached an agreement with Refuah Health Center, Inc. to address the health care provider’s failure to protect patient data. Refuah experienced a ransomware attack that compromised the personal and private information of around 250,000 New Yorkers. The investigation found that Refuah lacked appropriate controls, such as encryption and …

How to Ensure Your Cyber Insurance Pays Out

In the current digital environment, where cyberthreats are commonplace, it makes perfect sense to have cyber liability insurance. However, just having a policy in place doesn’t guarantee a smooth claims process. Cyber insurance policies come with varying terms and coverage, requiring meticulous examination of inclusions and exclusions and deciphering technical jargon. Having a thorough understanding …

FTC Proposes Strengthening Children’s Privacy Rule to Further Limit Companies’ Ability to Monetize Children’s Data

The Federal Trade Commission (FTC) has proposed changes to the Children’s Online Privacy Protection Rule (COPPA Rule) to strengthen children’s privacy and limit companies’ ability to monetize children’s data. The proposed changes include prohibiting the collection of more personal information than necessary for a child to participate in an activity, clarifying the meaning of “activity,” …

Rite Aid Banned from Using AI Facial Recognition After FTC Says Retailer Deployed Technology without Reasonable Safeguards

Rite Aid has been banned by the Federal Trade Commission (FTC) from using facial recognition technology for surveillance purposes for five years. The retailer failed to implement proper procedures, resulting in false tagging of consumers as shoplifters. The FTC’s order aims to protect consumer rights and prevent further misuse of the technology. Rite Aid will …

FTC has taken action against Global Tel*Link Corp

The Federal Trade Commission (FTC) has taken action against Global Tel*Link Corp. and its subsidiaries for failing to adequately secure personal data and notify consumers after a data breach. The breach occurred due to changes made by a third-party vendor to the security settings for the data stored in the cloud, leaving the personal data …

Snooping in Medical Records

Yakima Valley Memorial Hospital has settled with the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) for $240,000 after security guards accessed medical records without authorization. The hospital will update policies and procedures to protect patient information and train employees to prevent future breaches. OCR Director Melanie Fontes Rainer stressed the …

FTC Finalizes Order with 1Health.io Over Charges it Failed to Protect Privacy and Security of DNA Data

The Federal Trade Commission (FTC) has reached a settlement with genetic testing firm 1Health.io over charges of failing to protect the privacy and security of DNA data and making unfair changes to its privacy policy. The FTC accused 1Health.io, formerly known as Vitagene, of deceiving consumers about its privacy and security practices. The company allegedly …

Disclosure of Patients’ Protected Health Information to a News Reporter

St. Joseph’s Medical Center has settled with the Office for Civil Rights (OCR) over a HIPAA investigation regarding the disclosure of patients’ protected health information to a news reporter. The medical center provided a national media outlet with access to COVID-19 patients’ information without obtaining written authorization. OCR determined that three patients’ information was disclosed, …

How Effectively Managing Risk Bolsters Cyber Defenses

In today’s rapidly evolving digital landscape, where cyber threats and vulnerabilities continually emerge, it’s obvious that eliminating all risk is impossible. Yet, there’s a powerful strategy that can help address your organization’s most critical security gaps, threats and vulnerabilities — comprehensive cyber risk management. It goes beyond technical controls and considers organizational factors such as …

How to Achieve Strategic Cyber Risk Management With NIST CSF

Keeping sensitive data and critical tech safe from cyberattacks is crucial for businesses like yours. Your survival and growth depend on how well your organization can withstand cyber threats. That’s where cyber risk management comes into play. Businesses with solid cyber risk management strategies can build formidable cyber defenses and reduce risks without compromising business …