Security news aggregator

Latest coverage for Privacy

Privacy concerns how laws and norms govern personal data, shaping cybersecurity duties for collection, storage, access, and disclosure.

6 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Privacy is the ability of people to control how information about them is collected, used, retained, and disclosed. In technical and legal contexts, it covers identifiable data and data that can support inferences about a person, not only information made public. Privacy rules and organizational policies commonly address purpose, transparency, access, correction, retention, and sharing.

For security practitioners, privacy depends on reducing unnecessary data and restricting legitimate access: data minimization, encryption, least-privilege controls, segregation of identifiers, retention limits, and audit logs all reduce exposure. Compromised credentials, misconfigured storage, excessive telemetry, or third-party access can reveal sensitive information; pseudonymized datasets may also be re-identified when combined with other data. During an incident, teams must establish what personal data was accessed or disclosed, contain further exposure, preserve evidence, and meet applicable notification and handling requirements.

Showing 6 most recent headlines Filtered view
Bank Info Security 2 years, 5 months ago

HHS Rule Aligns Substance Disorder Privacy Regs With HIPAA

Final Rule for 42 CFR Part 2 Changes Aims to Improve Patient Care CoordinationThe Department of Health and Human Services has finalized regulations to better align federal requirements for the confidentiality of substance use disorder records with privacy protections afforded under HIPAA. The aim is to improve care coordination while enhancing sensitive data protections.

Bank Info Security 2 years, 5 months ago

Google Settles Google+ API Data Leak Lawsuit for $350M

Plaintiffs Alleged Google Sought to Cover Up API Flaw That Exposed Private DataSilicon Valley giant Google agreed to settle for $350 million a shareholder lawsuit alleging it mislead investors by attempting to cover up a privacy flaw in now-defunct social network Google+ that resulted in outside applications having access to private profile information.

Bank Info Security 2 years, 5 months ago

Medical Center Fined $4.75M in Insider ID Theft Incident

HHS OCR Says a Malicious Worker Stole and Sold Patient Information in 2013HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013. The hospital said it has beefed up its security and privacy since the incident occurred.

Bank Info Security 2 years, 5 months ago

Court: FTC Privacy Suit Against Data Broker Can Move Ahead

Judge Denies Kochava's Motion to Dismiss Agency's Claim of Privacy ViolationsA federal judge has denied Kochava's latest attempt to ditch a Federal Trade Commission lawsuit alleging the firm is invading consumers' privacy and exposing them to risk by collecting and selling their location data to third parties. The FTC is also pursuing other cases against data brokers.

Bank Info Security 2 years, 5 months ago

Robust Governance, Standards Needed for AI Adoption at Scale

IAPP's Ashley Casovan on Training and Certification Methods for AI GovernanceThe escalating adoption of generative AI has introduced concerns regarding data privacy, fake data and bias amplification. Ashley Casovan, managing director of the IAPP AI Governance Center, discusses the need to develop governance models and standardize AI systems.