On July 20, 2023, the Federal Trade Commission (FTC) and the Department of Health and Human Services (HHS) issued letters to hospitals and telehealth providers “about the privacy and security risks related to the use of online tracking technologies integrated into their websites or mobile apps that may be impermissibly disclosing consumers’ sensitive personal health
Security Risk
Privacy Tip #367 – Update your Apple Operating System to 16.6 NOW
On Monday, July 24, 2023, Apple issued a security update to address vulnerabilities that have been linked to a spyware campaign. iOS 16.6 fixes 25 iPhone security flaws, several of which are being exploited by threat actors in the wild.
Apple says “This update provides important bug fixes and security updates and is recommended for…
MedEvolve OCR Settlement for $350,000 due to Alleged Failures to Protect Data
On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice analytics software services to health care entities. The settlement resulted from MedEvolve’s alleged violation of the Health Insurance Portability and Accountability…
Chinese Telecom Companies in Hot Water
Chinese cyber espionage and cyber-attack capabilities will continue to support China’s national security and economic priorities,” says Dan Coats, the Director of National Intelligence “Americans should not buy Huawei or ZTE products.” In March 2017 the Chinese Telecom company, ZTE, plead guilty to shipping US technology to Iran and North Korea, and reached a settlement…
Three Golden Rules for Managing Third Party Security Risk
Vendors which have access to company data continue to be a high risk when it comes to data security.
Check out this article I wrote that was published in Information Week Dark Reading to get tips on how to manage security risks with third parties: 3 Golden Rules For Managing Third-Party Security Risk