All Data Privacy articles – Page 6
-
Premium
The value of sales and compliance allyship
“Every compliance activity is a sales activity,” writes Al Raymond, privacy compliance officer at ZoomInfo, regarding his team’s approach to demonstrate to sales how a strong control environment can be a competitive advantage.
-
News Brief
Medical management company to pay $100K in landmark HHS ransomware case
Doctors’ Management Service agreed to pay $100,000 in settling the first ransomware agreement under the Health Insurance Portability and Accountability Act reached by the Department of Health and Human Services’ Office for Civil Rights.
-
Podcast
Digital Transformation of Compliance podcast: Ryder CCO Pilar Caballero
In this episode of the Digital Transformation of Compliance podcast series, Pilar Caballero, chief compliance officer and chief privacy officer at Ryder, discusses her company’s process for vetting privacy concerns regarding use of new technologies.
-
News Brief
FCA flags potential regulatory breaches at NatWest regarding Farage scandal
An independent review into how NatWest handled the closure of politician Nigel Farage’s Coutts account uncovered potential regulatory breaches by the bank that are on the radar of the U.K. Financial Conduct Authority.
-
News Brief
CFPB eyes open banking with financial data rights rule proposal
The Consumer Financial Protection Bureau is moving forward its plan to give consumers more control over their personal financial data as part of a new rule proposal.
-
Webcast
CPE Webcast: TPRM privacy compliance: 10 best practices when working with third parties
Businesses are facing an increasing amount of pressure to protect their customers’ data and demonstrate privacy compliance. At the same time, for most modern organizations, more data is flowing to third parties than ever before.
-
Premium
Modern-day enterprises: How to prepare for and prove network compliance
The need to prove network compliance is intensifying as lawmakers introduce new privacy legislation and organizations update their contractual security requirements for third-party vendors.
-
News Brief
EOS Matrix battles back against Croatian DPA in $5.8M GDPR case
Debt collector EOS Matrix said it will challenge a General Data Protection Regulation penalty levied against it by the Croatian data protection authority after finding the data in question in the case does not match the data in its database.
-
Premium
Expert: How data hoarding increases businesses’ cyber risks
Holding on to data for longer than necessary creates vulnerabilities for businesses by giving cyberattackers more avenues to access an organization’s computer systems.
-
Premium
Bank privacy processes questioned after U.K. ‘debanking’ scandal
The furor over NatWest Group’s decision to monitor and close the account of right-wing Brexit campaigner Nigel Farage—and then disclose the details to a journalist—has raised questions regarding whether other banks employ the same means to get rid of undesirable customers.
-
Premium
CPPA eyeing broad scope in early discussions around data risk assessments
Draft risk assessment regulations under the California Consumer Privacy Act are designed to prohibit businesses from handling consumer data if uncontrolled risks—to the security and privacy of the consumer, the public, or the business—outweigh the benefits.
-
News Brief
TikTok fined $368M in children’s privacy GDPR ruling
The Irish Data Protection Commission announced a penalty of €345 million (U.S. $368 million) against popular social media company TikTok over alleged violations of the General Data Protection Regulation during a five-month period in 2020.
-
News Brief
Google to pay $93M in California location data settlement
Google agreed to pay $93 million as part of a settlement with the state of California regarding its location data privacy practices. The agreement is separate from a related $391.5 million settlement Google previously reached with a coalition of other states.
-
News Brief
HHS orders L.A. Care to pay $1.3M over apparent HIPAA violations
L.A. Care Health Plan agreed to pay $1.3 million to settle allegations by the U.S. Department of Health and Human Services that it potentially violated the Health Insurance Portability and Accountability Act.
-
Opinion
Fallout from ‘debanking’ scandal suggests more U.K. bank reforms coming
The former CEO of NatWest’s decision to leak client details to the press regarding Nigel Farage is likely to cost the financial industry millions in new compliance checks as U.K. regulators prepare reviews into how banks treat people with extreme political views.
-
Premium
California cybersecurity audit rule scope begins taking shape at CPPA meeting
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the California Privacy Protection Agency.
-
Premium
Paying ransom to avoid GDPR fine an unwise gambit
Companies that think paying reduced ransomware demands would be a better move than informing regulators of a data breach and facing enforcement are playing with fire, according to experts.
-
Premium
From 5 to 11: Keeping up with new state data privacy laws
If multi-state businesses thought at the start of 2023 complying with a patchwork of U.S. state privacy laws was going to be a lot of work, now they must be overwhelmed. Experts assess the fast-evolving U.S. privacy landscape.
-
News Brief
Swedish DPA fines Trygg-Hansa $3.2M for GDPR breaches
Sweden’s data protection authority issued a penalty of 35 million Swedish krona (U.S. $3.2 million) against insurance company Trygg-Hansa for alleged security flaws that made customer insurance information accessible on the internet.
-
Premium
Cyber expert: Reach for data security to achieve compliance
Data security and compliance are not one and the same but have enough overlap that organizations can take steps when building a data security program to move closer to achieving compliance.