Next on the FTC’s regulatory review calendar: the Health Breach Notification Rule. In place since 2009, the Rule requires vendors of personal health records and related entities that aren’t covered by HIPAA to notify individuals, the FTC, and, in some cases, the media when there has been a breach of unsecured personally identifiable health data.
Blog Posts Tagged with Data Security
As part of its regulatory review, the FTC announced earlier this year Information Security and Financial Institutions: An FTC Workshop to Examine the Safeguards Rule. If the Safeguards Rule is of interest to you or your clients, you’ll want to know about three new developments.
Between social distancing and COVID-19 stay-at-home orders, companies are turning to video conferencing services to get down to business. While these services help you connect, they also pose new privacy and data security risks. Here are some tips to keep in mind before hosting or joining a video conference online:
Headlines tout rapid improvements in artificial intelligence technology. The use of AI technology – machines and algorithms – to make predictions, recommendations, or decisions has enormous potential to improve welfare and productivity. But it also presents risks, such as the potential for unfair or discriminatory outcomes or the perpetuation of existing socioeconomic disparities. Health AI offers a prime example of this tension.
If your business makes “smart” devices, you’ll want to read about Tapplock’s settlement with the FTC. It’s one more example of why businesses in the Internet of Things (IoT) space need to think about privacy and security when designing connected products.
Consumers have come to expect their devices to be portable, but what about their data? The FTC just announced Data to Go, a public workshop set for September 22, 2020, to take a closer look at the potential benefits and challenges to consumers and competition raised by data portability.
We’ve warned consumers about Coronavirus-related scams, but businesses are at risk, too. Keep your guard up against these seven B2B scams that try to exploit companies’ concerns about COVID-19. In addition to sharing this information with your employees and social networks, read on for how you can report Coronavirus scams to the FTC.
Even as we all adjust to day-to-day changes, your work – and the work of the FTC – continues. If you’re a technologist or academic interested in presenting your latest research at the FTC’s PrivacyCon 2020, please let us know by April 10, 2020. Check out the Call for Presentations and respond by the deadline.
Turning eighteen was a momentous birthday for most of us and the same could be said for the Gramm-Leach-Bliley Act’s Safeguards Rule. Finalized in 2002 and in effect since 2003, the Safeguards Rule requires “financial institutions” to develop, implement, and maintain a comprehensive information security program for handling customer information.
To review everything the FTC did in 2019 dealing with consumer privacy and data security – Enforcement, Advocacy, Rules, Workshops, Consumer Education, Business Guidance, and International Engagement – it could take days to compile all that information. The FTC has an easier way to share those developments with your company, clients, and colleagues.
We know you’re busy with the business of your business. But we’re hoping for an hour of your time. Why? It’s tax season and tax identity thieves, government imposters, and cyber criminals are out in force. Find out how to help thwart them so you can keep focused on your bottom line.
They say hindsight is 20/20, but what about foresight? We’re not ones to prognosticate, but a look at notable FTC cases and initiatives from the past year suggests some topics likely to be top of mind in months to come. Here is a non-exhaustive list of issues in our 2019 rearview mirror and likely visible through the 2020 windshield.
When Chairman Simons and I arrived at the FTC, one of our first priorities was to strengthen the FTC’s orders in data security cases. We’ve already made three major changes that improve data security practices and provide greater deterrence, within the bounds of our existing authority.
You know the importance of strong cybersecurity, but have you heard about free vulnerability testing? As part of its mission to protect the nation’s cyber infrastructure, the Department of Homeland Security’s Cyber-Infrastructure Security Agency (CISA) offers free vulnerability scanning to government, critical infrastructure, and private businesses.
Entrepreneurs wear a lot of hats. In addition to marketing their products, they’re responsible for operational functions like inventory, ordering, and the protection of customer data. Rather than managing all that millinery, some businesses turn to third-party service providers to run things behind the scenes. But what steps are those companies taking to secure the confidential consumer information in their possession?
As Veterans Day reminds us, no one knows better than members of the military why it’s critical to maintain a vigilant defense. The more than 2.5 million veterans who own small businesses can apply that principle at their companies, too. Hackers are looking to exploit weaknesses in data perimeters, and business owners can’t afford to lose time, money, and customer goodwill to a compromised network. Knowing some cybersecurity basics and putting them in practice will help you protect sensitive employee and consumer information and reduce the risk of a cyber attack.
You know that eerie feeling that someone is following your every move? If someone secretly installed a “stalking app” or “stalkerware” sold by Retina-X Studios, LLC, onto your mobile device, that strange sensation could be way more than a feeling. A complaint against the developer and marketer alleges violations of the FTC Act and the Children’s Online Privacy Protection Act Rule.
It’s International Charity Fraud Awareness Week, a global effort to help charities and donors avoid charity fraud. The FTC has united with state charities regulators, the National Association of State Charities Officials, and international partners in the campaign. By joining forces, we can reach more charities with information and advice. This year, the focus is on what charities can do to help defend against cyber threats.
How would we describe PrivacyCon 2020? Is it Burning Man without the flames? The New Orleans Jazz Festival – minus the jazz and the festival? The best way to know what PrivacyCon is all about is to mark your calendar for July 21, 2020, and attend the FTC’s fifth annual gathering of leading privacy researchers. And check out our Call for Presentations to see if PrivacyCon would be a good forum for your recent research.
Wondering what small and midsize businesses (SMBs) think about cybersecurity? Or maybe you work for a small or midsize business that would like to tell someone what you think. Here’s your chance. The Information Technology Sector Coordinating Council (IT SCC) and Department of Homeland Security (DHS) just released a voluntary survey about SMB cybersecurity practices – and they asked us to help get the word out.