The National Institute of Standards and Technology on Wednesday announced revisions to its security and privacy controls catalog.
The Securities and Exchange Commission won’t pursue enforcement action against Zoom over allegations the company illegally shared user data with Chinese entities, the company said in a Friday filing with the agency.
As the next deadline nears for DOJ’s bulk data transfer rule, “businesses must continue to take proactive steps to understand and implement the rule’s complex compliance requirements,” said Benesch privacy and tech attorneys in a blog post Friday.
Industry groups are encouraged to adopt the National Institute of Standards and Technology’s digital identity guidelines, NIST Senior Policy Advisor David Temoshok said Wednesday (see 2508010052).
A New York public accounting firm settled with the Department of Health and Human Services for $175,000 over claims it violated the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, the Office for Civil Rights announced Monday following a ransomware attack investigation.
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently added a new FAQ explaining permitted disclosures of protected health information (PHI) to value-based care arrangements. OCR also updated older guidance regarding the types of personal health information that individuals can request access to.
It’s important for organizations to “actively stay up to date” on DOJ’s sensitive data rule even though enforcement began on July 9, blogged Constangy Brooks lawyers on Thursday.
Identity risk management is a “team sport,” blogged the National Institute of Standards and Technology as it published a fourth revision of NIST digital identity guidelines on Friday. The 2025 revision is meant to “respond to the changing digital landscape that has emerged since the last major revision … in 2017,” NIST wrote.
Comments are due Sept. 12 on the National Institute of Standards and Technology’s draft guidelines for developing secure software and testing for vulnerabilities, the agency said Wednesday.
The Trump administration has attempted to “dramatically expand” federal access to sensitive data traditionally held by state agencies, a group of consumer advocates said Monday in a privacy-related report.