With the Brexit transition period coming to an end there are a number of important considerations for companies in the United Kingdom to review in relation to the appointment of a General Data Protection Regulation […]
Healthcare groups and their business associates that want to transmit share protected health information must do so in line with the HIPAA Privacy Rule, which restricts the potential uses and disclosures of PHI, but de-identification […]
Ireland’s Data Protection Commission (DPC) has revealed that Twitter, which has its European Union headquarters based in Dublin, has been hit with a fine €450,000 for breaching the General Data Protection Regulation (GDPR). This is […]
In France the data protection regulator, Commission nationale de l’informatique et des libertés (CNIL), has penalised French retail giant Carrefour more than €3m ($3.7m) in relation to a number of breaches of the European Union’s […]
The U.S. National Security Agency (NSA) has issued a cybersecurity advisory warning Russian state-sponsored hacking groups are targeting a vulnerability in VMWare virtual workspaces used to support remote working. The flaw, tracked as CVE-2020-4006, is […]
In a busy day for the French Data Protection Authority CNIL, it was announced on Thursday that e-commerce giant Amazon had been fined €35m for a breach of the European Union’s General Data Protection Regulation […]
In France, the data protection regulatory authority CNIL has sanctioned Google with its largest General Data Protection Regulation financial penalty to date, €100m, in relation to a breach of the GDPR legislation which governs the […]
It has been revealed in the United Kingdom recently that a special task force, the Digital Markets Unit (DMU), will be established in order to ensure that large Internet-based companies can be properly policed, including […]
University of Minnesota Physicians has been hit by a cybercriminal attack that result in access being gained to the email accounts of two members of staff. One corporate email account was rendered accessible from the […]
In France the data protection regulator, Commission nationale de l’informatique et des libertés (CNIL), has penalised French retail giant Carrefour more than €3m ($3.7m) in relation to a number of breaches of the European Union’s […]
At the beginning this month the electorate of California voted to pass the California Privacy Rights Act (CPRA), legislation created to further enhance the reach of the California Consumer Privacy Act that become enforceable earlier […]
Some have called it the “new normal”. Others speak of the “Post-Covid world.” More positive and hopeful voices tell us that the Covid-19 pandemic, while painful, is but a temporary hiccup in the history of […]
Vodafone’s Italian operations has been sanctioned with a GDPR penalty of over than €12.25 million (US$14.5m) as a result of what was deemed ‘aggressive’ telemarketing practices. The fine comes following ‘hundreds’ of official complaints into […]
In Canada Minister of Innovation, Science and Industry Navdeep Bains has introduced the proposed Digital Charter Implementation Act, 2020 which aims to bring the framework up to date for the security of private data in […]
Listed here is a summary of some of the most significant HIPAA breach cases that have lead to settlement agreements with the Department of Health and Human Services’ Office for Civil Rights (OCR). We have […]
In the United Kingdom the Information Commissioner’s Office (ICO) has applied a fine of £1.25million against Ticketmaster UK Limited as a result of the company being found to be neglecting their duty to maintain its […]
Following the decision of a majority of EU data supervisors to support a proposed settlement from the Irish Data Protection Commission (DPC), the enforcement of a General Data Protection Regulation penalty is imminent fir Twitter […]
In California the California Privacy Rights Act (CPRA) ballot initiative has been passed after winning the approval of 56% of votes. This means that Californiance Consumers Privacy Act will be amended to incorporate additional rights […]
Following claims of breaches of federal and state legislation, linked to a data breach involving the protected health information of 9,700 customers of two ShopRite supermarkets in Millville, New Jersey and Kingston NY, Wakefern Food […]
In the United Kingdom the Information Commissioner’s Office (ICO) has hit hotel group Marriott International with an £18.4 million General Data Protection Regulation (GDPR) penalty for in its legal obligation to safeguard the private data […]
A report released by BuyShares has revealed that the United Kingdom tops for the imposition of data breach penalties with €132.7 million in the total value of General Data Protection Regulation fines since the legislation […]
HIPAA compliance is already provided by Amazon for its cloud platform AWS and the group is aiming to increase the use of the Alexa voice recognition technology within the healthcare sector. There is great potential […]
Microsoft have made a new patch available to address a critical remove code execution flaw in the Microsoft Windows Transmission Control Protocol (TCP)/IP stack. The flaw is related to how the TCP/IP stack manages Internet […]
Amazon Web Services (AWS) is a cloud platform service, a subsidiary of Amazon that includes more than 175 data centers around the world. AWS provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go […]
In the United Kingdom a €22m (£20m) fine has been sanctioned against British Airways in relation to a breach of the European Union’s General Data Protection Regulation (GDPR) that impacted the personal and financial details […]
A third set of proposed modifications to the California Consumer Privacy Act (CCPA) has been released by the California Department of Justice. The California attorney general became authorized to enforce the law on July 1, […]
In the United Kingdom the Government’s Department for Eduction (DfE) has been found guilty of breaching the European Union’s General Data Protection Regulation in relation to the manner that it processes pupil data. This comes […]
In Germany the data protection authority located in Hamburg has announced that H&M, the second biggest retailer in the world, is being fined €35.2 (US $41.3m) for breaching the European Union’s General Data Protection Regulation […]
Anthem Inc. has come to an agreement to settle actions by state attorneys general in different US states in relation to the 2014 78.8 million record data breach. Along with the $48.2 million financial penalty, […]
An alert has been released by the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) after a noticeable increase in LokiBot malware activity was recorded in the past eight weeks. LokiBot – also referred […]
A new phishing attack has been identified where cybercriminals are sharing a fake GDPR compliance reminder in a bid to try and fool those receiving the email into sharing their email log in details. The […]
A report released by Gartner, Inc. has estimated that 65% of the world’s population will have its personal data policed by some form of data privacy legislation by 2023. Gartner analysts presented The report was […]
The second annual National Insider Threat Awareness Month (NITAM) has been kicked off frequently, and assistance is being provided being made available to emphasize the importance of tackling insider threats. This event is a group […]
The impact of COVID-19 on a global scale can still not be truly estimated and will not be clear for many years to come. Indeed the world has possibly not seen an upheaval like this […]
A preliminary order has been issued by Ireland’s Data Protection Commission (DPC) directing Facebook to cease transferring personal data transfer from Ireland to the United States. This order comes following the European Union Court ruling […]
Earlier this month the European Data Protection Board (EDPB) released draft GDPR social media targeting guideline that seek to give a greater understanding in relation to the roles and duties of those involved in managing […]
Another four healthcare suppliers have broadcast HIPAA breach alerts in relation to the Blackbaud ransomware attack and data breach. Just after the Northwestern Memorial HealthCare group revealed that the personal information of 55,983 clients had […]
Since the start of the year European Union based-companies have been sanctioned with €68 million (£61.5m) for breaching the General Data Protection Regulation (GDPR). More that two-thirds of that has been paid over by Italian-companies, […]
In the United States a legal action has been filed by a consumer privacy campaign group against Salesforce and Oracle, alleging that both entities have breached the European Union’s General Data Protection Regulation with the […]
In California an accusation that the illegal harvesting the biometric data of over 100 million Instagram users has taken place has resulted in legal proceedings being initiated against Facebook, owner of the image sharing social […]
France’s CNIL announced that it has initiated an investigation into data management practices of the social media platform TikTok. A spokeswoman for France’s CNIL revealed that it begun examining how the social media app manages user […]
Norton Audubon Hospital has revealed that a HIPAA violation that a patient alleged took place led to the termination of the registered nurse’s employment contract. The nurse in question, Dianna Hereford, initiated a legal action […]
Two court rulings made in July 2020 may prove to be among the most important legal precedents that American tech companies will ever have had to come to grips with. What is particularly interesting about […]
A California federal court legal action alleges that Google has been tracking smartphone users’ app activity without adequate authorization in breach of the California Consumer Privacy Act. The legal action that was filed in the […]
It has been revealed that the Italian Data Protection Authority ‘Garante’ is sanctioning a €16,729,600 fine on telecoms provider Wind Tre in relation to a number of data processing activities, mostly related to direct marketing, […]
The Federal Bureau of Investigation (FBI) has released a (TLP:WHITE) FLASH alert following a rise in attacks using Netwalker ransomware. Netwalker is a new threat on the ransomware scene, first spotted in March 2020 after […]
A massive phishing campaign which was being operated in 62 countries has been taken down by Microsoft. First spotted by Microsoft’s Digital Crimes Unit (DCU) in December 2019, this particular phishing campaign was trying to […]
The European Court of Justice has today issued a ruling that voids the existing Privacy Shield agreement for data sharing between the European Union and United States due to the fact that it does not […]
Currently, there is no private cause of action in HIPAA, so a patient cannot take a legal action for a HIPAA violation. Even if HIPAA Rules have clearly been breached by a healthcare provider, and […]
The General Data Protection Regulation (GDPR) became active on May 25 2018. This short article will look into how GDPR impacts the Insurance Industry. Specialised consideration of the new Regulation is vital due to the […]
The Dutch Credit Registration Bureau (BKR) has been hit with a €830,000 ($937,000) fine in the Netherlands in relation a General Data Protection Regulation breach impacting data subjects rights in the Netherlands. The fine is […]
In a statement released on the 29th of June 2020, TikTok, the Chinese video-sharing social networking service owned by ByteDance, announced its decision to move the responsibility for safeguarding the privacy of its European users […]
A cybercriminal has been busy targeting unsecured MongoDB databases and threatening to report their vulnerability to data protection authorities, a move that could possibly result in a General Data Protection Regulation penalty being sanctioned. 23,000 […]
Following mediation talks, there has been an agreement to a proposed settlement between Grays Harbor Community Hospital and Harbor Medical Group and the representative plaintiff in a proposed class action lawsuit connected to a June […]
Several security flaws have been discovered in the remote access system, Apache Guacamole, a system which has been implemented by many companies to allow administrators and employees to access Windows and Linux devices remotely. The […]
On Monday TikTok revealed that it has decided to base its operations for data privacy within the European Union to Ireland. This comes following the establishment of the social networking platform’s Trust and Safety Hub […]
According to the terms of the GDPR, a small business is one that employs less than 250 and is not expected to meet some of the more stringent stipulations of the legislation. Small Business GDPR […]
A European Union, report which is due to be made public today, on the General Data Protection Regulation will reveal how small and medium-sized businesses are having great difficulty in investing the funds required to […]
Because HIPAA was enacted a number of years prior to the evolution of social media platforms, there are no provisions specifically addressing social media networks and PHI in the HIPAA text. However, this does not […]
Due to an alleged failure to put in place appropriate security measures to safeguard protect personal information, online design marketplace Minted Inc. is facing a class action lawsuit for breaching the California Consumers’ Privacy Act. […]
Last Friday it was revealed that Google had been unsuccessful in the appeal of the €50m General Data Protection Regulation fine which was sanctioned against by the French data protection authority, the CNIL (Commission nationale […]
In the United Kingdom a legal action has been filed under Article 82 of the General Data Protection Regulation (GDPR) in the High Court on behalf of nine million easyJet customers whose private data was […]
A bipartisan group of Senators have introduced a bill dedicated to securing contact tracing and exposure notification apps that will be implemented to manage the spread of COVID-19. One of three bills introduced, the Exposure […]
In Hungary the government has taken the decision to suspending the rights of data subjects under the European Union’s General Data Protection Regulation (GDPR). This suspension will remain in place until such time as the […]
Groups that are hit by a ransomware attack may be tempted to pay the ransom to reduce downtime and save on recovery costs, but a survey conducted by Sophos suggests organizations that pay the ransom […]
The challenge for business start-ups to successfully navigate their first couple of years in business is tricky enough without having to worry about investing additional time ensuring that they are 100% compliant for data privacy […]
Implemented on the 25th of May 2018, Europe’s General Data Protection Regulation (GDPR), has now entered the terrible twos. Birthdays are an occasion to take stock, and this anniversary is particularly interesting from an American […]
Using a HIPAA compliance guide will put you in a position to ally your group and your business associates to gain a proper understanding of the requirements associated with the Health Insurance Portability and Accountability […]
In Ireland the child and family protection agency, Tusla, has been fined €75,000 arising out of an investigation into three cases where information about children was wrongly disclosed to unauthorised parties. This makes Tusla has […]
Last week a group of four four Republican Senators revealed that they are proposing federal privacy legislation that will establish rules in relation to the collation and use of personal information during the Coronavirus pandemic. […]
The California Privacy Rights Act (“CPRA”), an Act that was drafted to address some of the supposed shortcomings of the recently introduced Californian Consumers’ Privacy Act (CCPA), has moved closer to a reality as advocates […]
In the Netherlands, the Dutch Data Protection Authority has sanctioned a €725,000 (US$791,000) General Data Protection Regulation (GDPR) fine against a company for scanning its employees’ biometrics with a fingerprint time and attendance system. The […]
Due to the COVID-19 Pandemic, many groups have have to quickly set up remote working capabilities for their staff. As a result of this there has been increased potential for cybercriminals to initiate campaigns. Remote […]
Fresh Data Breach Heartbreak for Marriott Hotel Group In December 2018, Marriott International disclosed a breach which had impacted some 383 million guest records. Industry specialists at the time viewed the data failure as a […]
The National Security Agency has release cybersecurity guidance for teleworkers to help enhance security when staff are working remotely. The guidance has been made available primarily for U.S. government employees and military service members, but […]
Virgin Media Ltd, which provides television, telephone and internet services throughout the United Kingdom may have to fork out up to £4,500,000,000 (roughly $5.5 billion) after a data security breach in which personal information belonging […]
Stockdale Radiology in California has revealed that patient privated data has been compromised due to a ransomware attack that took place on January 17, 2020.An internal review confirmed that the hackers gained access to patients’ […]
The European Data Protection Board (EDPB) has released guidance, in a letter, in relation to the European Commission’s recommendation for the development and implementation of apps used for specific purposes, such as contact tracing, in […]
‘In what countries is GDPR enforced?’ is a very common GDPR query. The General Data Protection Regulation (GDPR) is a European Union (EU) Regulation that was passed on April 27, 2016 and, following a two-year […]
California Attorney General Xavier Becerra has released a statement, reminding Californians of their rights in relation to their privacy, which further emphasized his office’s commitment to stick to the July 1 2020 enforcement date for […]
The private personal information of over 600,000 Email.it account holders has been illegally obtained and made available for purchase via the dark web. The breach was revealed on Sunday, April 5, following a tweets broadcast […]
Since the COVID-19 pandemic began everything has been moving at breakneck pace and there has been little time to consider how it impacts the European Union’s General Data Protection Regulation (GDPR). It is understandable, and […]
It has been announced that the Department of Health and Human Services (HHS) will be easing the sanctioning of penalties in relation to specific data privacy breaches during the COVID-19 pandemic. The Notice of Enforcement […]
Zoom, a video conferencing software application that has experienced explosive growth due to the social distancing measures introduced globally during the COVID19 crisis, has had a class action lawsuit filed against it in the Northern […]
Following the declaration of a state of emergency by California Governor Gavin Newsom in a bid to stem the surge of COVID-19, trade associations have issued a plea to have CCPA enforcement suspended until 2021. […]
It is important to remember that, despite the wide-reaching and deep impact the the COVID-19 pandemic, the rights of individuals to have their protection respected are as important and relevant as ever. In recent weeks […]
The Marriott Hotel Group has revealed that it has suffered its third data breach in just over two years and has impacted the private data of up to 5.2m guests. The hotel group that operates […]
Chief Information Security Officer for the World Health Organization Flavio Aggio has revealed that there has been a massive increase in the amount of cyber-attack registered against his group since the COVID-19 Pandemic began. When […]
Privacy Authority to impose $8 Million Penalty Google has announced that it intends to appeal the recent General Data Protection Regulation fine, its second, levied by Sweden’s Data Protection Authority against the internet giant. A […]
The Health Insurance Portability and Accountability Act (HIPAA) Rules still apply during public health emergencies such as the 2019 Novel Coronavirus (SARS-CoV-2) outbreak. When preventing and dealing with cases of COVID-19, the respiratory disease caused […]
In Sweden, the Data Protection Authority (DPA) has taken the decision to sanction a 75 million kronor (US$8 million) General Data Protection Regulation Penalty in relation to a “failure to comply”. This step was taken […]
As it typically the case when large-scales global events take place, the COVID 19 Coronavirus pandemic has resulted in cybercriminals attempting to use the situation to target unsuspecting individuals and companies as they attempt to […]
Hackers, spammers and cybercriminals are always leveraging current events to try and target susceptible Internet, SMS and email users and the coronavirus COVID 19 is no different. In the United States an alerts has been […]
In the United Kingdom the Information Commissioner’s Office (ICO) has been contacted by Virgin Media to advise them that the personal data belonging to over 900,000 customers has been illegally obtained by an unauthorised third […]
The UK’s Information Commissioner’s Office, or ICO, has imposed a fine of £500,000 ($603,750) on Cathay Pacific Airways for its failure to adequately protect the personal data of customers. The half-million pounds fine is in […]
The Information Commissioner’s Officer (ICO) in the United Kingdom has sanctioned a £500,000 data breach penalty against airline Cathay Pacific in relation to security lapses which exposed of 111,578 UK citizens and up to 9.4 […]
In the United Kingdom, a report issued by the Independent Chief Inspectorate of Borders and Immigration (ICIBI) has revealed that the Home Office (UK) has broken the European Union’s General Data Protection Regulation 100 times […]
The Lake Success, NY-located home health company, Personal Touch Home Care (PTHC), has begun contacting clients to advise them that a ransomware attack on its Wyomissing, PA-based IT vendor, Crossroads Technologies Inc. may have resulted […]
The California Consumer Privacy Act (CCPA), which became enforceable on January 1 2020 has resulted in may Californian-based businesses struggling to ascertain what they must do to achieve compliance with the new legislation. In addition […]
Various industry specialists, including Adobe Analytics, have reported that increasing consumer concern, and indeed shop closures, following the worldwide COVID-19 outbreak is already influencing our online shopping behaviour in a significant manner. While traditional retailers […]
Copyright © 2023 ComplianceJunction