The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) announced that eyewear company Warby Parker must pay a $1.5 million penalty after a data breach that violated the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, the department announced Thursday.
The SEC will provide exemptions to the requirement that certain personally identifiable information be reported to the Consolidated Audit Trail (CAT), the commission announced Monday.
President Donald Trump’s firings at the Privacy and Civil Liberties Oversight Board “opens the door to politically motivated surveillance under the guise of fighting terrorism,” Center for Democracy & Technology Senior Counsel Greg Nojeim said Thursday (see 2501300049).
Life science companies should be aware of data-sharing restrictions under DOJ’s new rule banning cross-border data transfers to adversarial countries (see 2501070056), compliance attorneys said Monday.
The National Institute of Standards and Technology (NIST) on Tuesday announced a central website for companies seeking guidance on the intersection of privacy and cybersecurity.
The Department of Homeland Security disbanded its 15-member data privacy and integrity advisory committee.
NTIA should prioritize transparency and open-internet principles and respect individual privacy rights when crafting potential ethical guidelines for researchers who handle pervasive data, consumer and internet advocates said in comments recently posted.
Solara Medical Supplies will pay $3 million to resolve possible violations of the Health Insurance Portability and Accountability Act (HIPAA), the Department of Health and Human Services said Tuesday.
Auto sector manufacturers and importers have a little more than a year to eliminate from their supply chains Chinese software that enables automated driving systems or enables a vehicle to connect to the outside world at a frequency above 450 MHz, according to a Bureau of Industry and Security final rule to be published in Thursday's Federal Register and effective March 17. The White House said in a fact sheet that these systems cannot be designed or manufactured by companies from adversary countries because they could imperil infrastructure and "enable mass collection of sensitive information, including geolocation data, audio and video recordings, and other pattern-of-life analysis."
The National Institute of Standards and Technology expects to release more documentation outlining a growing list of essential knowledge and skills that privacy professionals need, NIST Privacy Engineering Program Lead Dylan Gilbert said Wednesday.