Penetration Testing: The Hacking That Might Just Save Your Business

As all applicable organizations should know, the NY SHIELD Act took effect March 21, 2020, to protect the private information of New York residents from unauthorized access. This includes the private information of both employees and non-employees held by New York businesses. If a New York business has private information on New York residents andContinue reading “Penetration Testing: The Hacking That Might Just Save Your Business”

Telehealth and Privacy Issues

This paper surveys the privacy and security issues facing health care providers using video conferencing applications. Stricter privacy protection for health information date back thousands of years. Why are their stricter laws in place to protect health information? Well, embarrassing health information can lead to stigmatization. Keeping health information private makes patients more inclined toContinue reading “Telehealth and Privacy Issues”

Who Needs to Comply with PCI DSS?

The Payment Card Industry Data Security Standard (PCI DSS) was enacted by the PCI Security Standards Council (PCI SSC) to combat financial fraud. Specifically, to protect against criminals stealing and using personal consumer financial information from payment card transactions and processing systems. PCI DSS created standards of practice for businesses that process credit card data.Continue reading “Who Needs to Comply with PCI DSS?”

Steps for CCPA Compliance

In this article, we try to demystify the California Consumer Privacy Protection Act (CCPA) for small and medium-sized enterprises (SMEs) concerned about CCPA compliance. The CCPA became law in California on June 28, 2018. The CCPA gives consumers more control over the personal information that businesses collect about them. Moving forward, businesses that target CaliforniaContinue reading “Steps for CCPA Compliance”

HIPAA Basics for Providers

Health Insurance Protection and Accountability Act of 1996 (HIPAA), as updated by the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH) protect medical information within the United-States healthcare industry. HIPAA does not preempt stricter state privacy laws. The Privacy Rule standards address the use and disclosure of individuals’ health information –Continue reading “HIPAA Basics for Providers”

Protecting Children from Big Tech

European regulators are suing YouTube and Google for collecting children’s’ information without parental consent. The lawsuit, filed in U.K. High Court, represents the first European action filed against YouTube and Google for unlawfully collecting children’s information. According to the lawsuit, YouTube violated the U.K. Data Protection Act and the General Data Protection Regulation (GDPR). RegulatorsContinue reading “Protecting Children from Big Tech”

Protecting Students Online

School closure this Spring left more than 50 million students from kindergarten through 12th grade across the U.S. out of the classroom. States across the U.S. shut down their schools, leaving around 90% of students at home in mid-April. Some districts opted to end the academic year early. Technology will continue to be used to deliverContinue reading “Protecting Students Online”

Google to Pay $170 Million for COPPA Violations

In 2019, the Federal Trades Commission (FTC) renewed their efforts to protect children from websites and online services. This initiative was enforced through the Children Online Privacy Act of 1998 (COPPA). Last year, Google and YouTube payed a record $170 million as part of a settlement with the FTC for alleged COPPA violations. COPPA requiresContinue reading “Google to Pay $170 Million for COPPA Violations”

OCR Settles Second Enforcement Action Under HIPAA Right of Access Initiative

Korunda Medical LLC agreed to pay an $85,000 fine to the U.S. Department of Health and Human Services (HHS) over an alleged violation of HIPPA Right of Access initiative. The Office of Civil Rights (OCR) at HHS announced its second enforcement action and settlement of the year under its HIPPA Right of Access Initiative. ThisContinue reading “OCR Settles Second Enforcement Action Under HIPAA Right of Access Initiative”