Deidentification provider furthers partnership with Mayo Clinic Platform
Automated, real-time data deidentification provider TripleBlind expanded its partnership with the Mayo Clinic Platform.
Automated, real-time data deidentification provider TripleBlind expanded its partnership with the Mayo Clinic Platform.
Google Fi, a mobile virtual network operator, reported a third-party system was breached that stored “a limited amount” of customer data, InfoSecurity Magazine reports. Stolen data reportedly included account activation dates, information about specific mobile plans and SIM card serial numbers.
TechCrunch reports the European Commission will launch a new enforcement review plan to ensure adequate application of the EU General Data Protection Regulation. In response to GDPR enforcement questions by the European Ombudsman, the commission will require national data protection authorities to file "an overview of large-scale cross-border investigations under the GDPR" every two months.
Recent EU enforcement actions yielded important information and considerations for privacy professionals. After parsing through 800 pages of regulator decision-making, IAPP Research and Insights Director Joe Jones offers legal analysis and comments regarding key practical points related to the EU General Data Protection Regulation’s legal bases and transparency requirements.
In its first enforcement action under the Health Breach Notification Rule, the U.S. Federal Trade Commission prohibited GoodRx Holdings from sharing user health data with third parties for advertising purposes. The FTC said the telehealth and prescription drug discount provider failed to notify consumers about unauthorized disclosures of sensitive health data with advertising companies and social media platforms, as required under the rule.
The California Privacy Protection Agency Board published agenda items for its Feb. 3 meeting, including the final draft of its proposed California Privacy Rights Act regulations. The board announced discussion and possible action to finalize CPRA regulations in its meeting notice preceding the release of meeting materials. Finalization during the meeting would trigger a 30-day review from the California Office of Administrative Law.
In an interview with Politico, U.S. Rep. Sara Jacobs, D-Calif., discussed proposed legislation to strengthen Health Insurance Portability and Accountability Act protections for reproductive health data and the importance of safeguarding such sensitive and personal information. Post Roe v. Wade, Jacobs said, "None of our privacy laws are really set up for what we are going through and what society looks like.
Members of European Parliament plan to debate the proposed Artificial Intelligence Act's classification criteria for high-risk AI deployments. AI Act co-rapporteurs Brando Benifei and Dragoș Tudorache prepared a potential compromise text ahead of discussions aimed at making clear distinctions between actual or potential risks. The MEPs' meeting will also include adoption of prior compromise texts on requirements for high-risk AI systems and innovation measures.
If the U.S. passed legislation to ban TikTok, it may ultimately further undermine national security interests in the long run, Center for Strategic and International Studies Senior Adviser Glenn Gerstell writes in The New York Times.
Negotiations on the U.N. cybercrime convention progressed in January, but lingering issues remain, University Grenoble Alps Associate Professor of International Law Karine Bannelier writes in Lawfare. She said, “negotiations were marked by attempts by authoritarian states to transform this ...