GLBA

(Health) Data is What (Health) Data Does in Nevada

Retrieved on: 
Thursday, June 22, 2023
Accountability Act, Habit, Harm, Health status of Asian Americans, Disclosure, Gramm–Leach–Bliley Act, Privacy, Health data, Future of Privacy Forum, GLBA, Organization, Health Insurance Portability and Accountability Act, Professor, Sensitive, HIPAA, SB, Legislation, Insurance

(Health) Data is What (Health) Data Does in Nevada

Key Points: 
  • (Health) Data is What (Health) Data Does in Nevada
    Note: This title is inspired by Professor Daniel J. Solove’s recent essay, ‘Data Is What Data Does: Regulating Based on Harm and Risk Instead of Sensitive Data.’
    On June 16, 2023, Nevada Senate Bill 370 (SB 370) was signed into law by Governor Lombardo, making Nevada the second state, after Washington, to pass broad-based consumer health data privacy legislation this session.
  • The Washington ‘My Health, My Data’ Act (MHMD), which was enacted on April 27, 2023, established a first-of-its-kind, comprehensive framework within U.S. law for the protection of consumer health data and health-related inferences.
  • SB 370 and MHMD adopt similar, but not identical, frameworks for protecting personal health data.
  • By contrast, MHMD excludes data that is subject to HIPAA and GLBA, but not HIPAA and GLBA-regulated entities in their entirety.

Quirk Auto Group selects BIO-key’s PortalGuard® Cloud Solution to Meet Updated GLBA Act Safeguards Rule Requirements to Protect Consumer Data

Retrieved on: 
Tuesday, June 20, 2023
IDP, Workforce, MFA, International, Gramm–Leach–Bliley Act, Reynolds and Reynolds, Reynolds, Federal Trade Commission, GLBA, SAML, IBB, IAM, WALL

The Federal Trade Commission recently made important changes to the Safeguards Rule, bringing the GLBA in line with much more stringent security frameworks.

Key Points: 
  • The Federal Trade Commission recently made important changes to the Safeguards Rule, bringing the GLBA in line with much more stringent security frameworks.
  • BIO-key’s PortalGuard platform supports these updated rules with a modern approach for securing access to systems and data through its IBB, multi-factor authentication (MFA), and industry-standard SAML Identity Provider (IdP) capabilities.
  • One of the key project outcomes was identity and access management security and integration with the enterprise application Reynolds and Reynolds for enhanced corporate and consumer data protection.
  • "As organizations scale and/or have new compliance requirements to address, they often pick up additional solutions to address their needs.

New Apogee Cloud and Security Professional Services Simplify Higher Education Cloud Adoption and Strengthen Campus Security Posture

Retrieved on: 
Tuesday, June 6, 2023
Mobile, Wireless, Technology, Security, Software, Networks, Internet, Other Education, University, Data Management, Education, Cloud, NIST, Maintenance, Sequoia, College, College of the Sequoias, Amazon Web Services, TTP/A, Federal Trade Commission, Gramm–Leach–Bliley Act, RPO, Research, ERP, Banner, GLBA, Amazon, Risk, FTC, National Institute of Standards and Technology, AWS, Automation, Video game, Risk management, Online shopping, Management, Audit, Medical device, Apsis

From cloud readiness and migration projects to disaster recovery and information security planning, Apogee brings the expertise, tools, and processes higher education IT teams need to accelerate cloud adoption and strengthen their institutional security posture.

Key Points: 
  • From cloud readiness and migration projects to disaster recovery and information security planning, Apogee brings the expertise, tools, and processes higher education IT teams need to accelerate cloud adoption and strengthen their institutional security posture.
  • But many colleges and universities are struggling with limited cloud and security expertise and little time to devote to these strategies,” said Dave Fuhrmann, Apogee vice president of cloud services and security solutions.
  • These professional services include:
    Cloud Readiness Assessments create a mission-based cloud or hybrid cloud strategy and address staffing, budgeting, security, and planning parameters.
  • Components of the plan include:
    Programs by incident type including ransomware, email security breach, malware, denial of service, and more​;
    Apogee Cloud and Security Professional Services are available now.

Web Privacy Risk Evaluation Finds Almost One-Third of the S&P 500's Websites Are at Significant Risk of Online Data Privacy Violations

Retrieved on: 
Tuesday, May 23, 2023
Risk, Meta, Action Replay, Information technology, ECPA, Cookie, Data collection, Privacy, Research, Privacy by design, Standard, GLBA, Organization, Collection, CPRA, GDPR, VPPA, HIPAA, Software, Online shopping

REDWOOD CITY, Calif., May 23, 2023 /PRNewswire/ -- LOKKER, provider of online data privacy and compliance solutions for enterprises, today released new online privacy risk research for the Standard and Poor's 500 (S&P 500) websites. LOKKER's Web Privacy Risk Score findings revealed notable risk to consumers' personal information, with 30% of these organizations' websites found to be at medium or high risk. With regards to specific industries, information technology companies and financial services businesses were found to have websites with the most significant risk factors. LOKKER's Web Privacy Risk Score assessment tool quantifies a company's potential risk of privacy violations pertaining to the collection and sharing of customers' online information.

Key Points: 
  • LOKKER's Web Privacy Risk Score findings revealed notable risk to consumers' personal information, with 30% of these organizations' websites found to be at medium or high risk.
  • LOKKER's Web Privacy Risk Score assessment tool quantifies a company's potential risk of privacy violations pertaining to the collection and sharing of customers' online information.
  • To better understand where S&P 500 companies' websites – which consumers regularly interact with – stand with regards to online privacy, LOKKER utilized its Web Privacy Risk Score tool to evaluate their risk.
  • LOKKER found that 48% of S&P 500 information technology companies' websites had significant risk when it comes to consumer data privacy.

RegScale Selected as SC Media 2023 Excellence Award Finalist in the Best Regulatory Compliance Solution Category

Retrieved on: 
Tuesday, May 16, 2023
GRC, Office of Global Regulatory Operations and Policy, Education, SC, API, SOX, Movement, Government, GLBA, PCI, Organization, FFIEC, Risk, FISMA, Entrepreneurship, HIPAA, Legislation, Medical device, Nursing

TYSONS CORNER, Va., May 16, 2023 /PRNewswire/ -- RegScale, a real-time Governance Risk and Compliance (GRC) software company, today announced that its platform had been selected as a 2023 finalist for the prestigious SC Media Excellence Award in the Best Regulatory Compliance Solution category. Solutions honored in this category help companies in healthcare, retail, technology, financial services, government, and other highly regulated markets comply with specific regulatory requirements. Additionally, these solutions help customers meet mandates noted in such legislation as HIPAA, SOX, GLBA, FISMA, or in guidelines noted by standards bodies, including the FFIEC and the PCI Security Standards Council.

Key Points: 
  • TYSONS CORNER, Va., May 16, 2023 /PRNewswire/ -- RegScale , a real-time Governance Risk and Compliance (GRC) software company, today announced that its platform had been selected as a 2023 finalist for the prestigious SC Media Excellence Award in the Best Regulatory Compliance Solution category .
  • Solutions honored in this category help companies in healthcare, retail, technology, financial services, government, and other highly regulated markets comply with specific regulatory requirements.
  • "We are honored to be named a finalist for the Best Regulatory Compliance Solution," stated Anil Karmel, Co-Founder and CEO of RegScale.
  • 2023 SC Award winners will be announced during SC Awards week, scheduled to begin on August 21, 2023.

Sensedia Presents: 5 Reasons Why API Security and Governance Matter

Retrieved on: 
Thursday, May 4, 2023
Software, Technology, Internet, Security, Policy, API, Future of Privacy Forum, GLBA, Future, Fellow, GDPR, PCI-DSS, HIPAA, Management, Synthetic oil, Risk management

WHAT: Sensedia , the global leader in delivering API and microservice solutions, presents an expert panel discussion, 5 Reasons Why API Security and Governance Matter.

Key Points: 
  • WHAT: Sensedia , the global leader in delivering API and microservice solutions, presents an expert panel discussion, 5 Reasons Why API Security and Governance Matter.
  • Learn why API governance is critical to API security, design, and management.
  • Understand how API governance and security measures can help meet regulatory compliance like GDPR, HIPAA, PCI-DSS, and GLBA safeguards.
  • See why a robust API policy and process must include API security and governance.

A New Paradigm for Consumer Health Data Privacy in Washington State

Retrieved on: 
Wednesday, May 3, 2023
Accountability Act, Advertising, Health Insurance Portability and Accountability Act, Legislation, Family Educational Rights and Privacy Act, GoodRx, Privacy Act, Act, Washington State Legislature, Gramm–Leach–Bliley Act, Privacy, Record, IP, ID, Federal Trade Commission, The Act, Sale, Complaint, Organization, FERPA, GLBA, Supreme, Name, Future of Privacy Forum, Collection, WCPA, BetterHelp, Health, IDS, Policy, HIPAA, Mobile phone, Medical imaging, Agency
Key Points: 

Rego Payment Architectures, Inc. Invited by U.S. House of Representatives Committee on Energy and Commerce to Testify on Stronger Child Financial Transaction Data Privacy Laws

Retrieved on: 
Tuesday, May 2, 2023
United States Senate Commerce Subcommittee on Consumer Protection, Product Safety, and Data Security, Private sector, BLUE, Georgia Institute of Technology School of Cybersecurity and Privacy, COPPA, Intelligence, GLBA, Committee, Representative, Data, Hearing, FBI, Louisiana House of Representatives, House, Social media, Computer security, Cryptocurrency, Privacy

BLUE BELL, Pa., May 02, 2023 (GLOBE NEWSWIRE) -- Rego Payment Architectures, Inc. (“REGO”) (OTCQB: RPMT), a leading white-label family digital wallet platform provider for financial institutions, was invited by the House Commerce Innovation, Data, and Commerce Subcommittee of the U.S. House of Representatives, to provide testimony on April 27, 2023, on the importance of stronger regulations to protect children’s financial data and privacy.

Key Points: 
  • BLUE BELL, Pa., May 02, 2023 (GLOBE NEWSWIRE) -- Rego Payment Architectures, Inc. (“REGO”) (OTCQB: RPMT), a leading white-label family digital wallet platform provider for financial institutions, was invited by the House Commerce Innovation, Data, and Commerce Subcommittee of the U.S. House of Representatives, to provide testimony on April 27, 2023, on the importance of stronger regulations to protect children’s financial data and privacy.
  • “What we are experiencing now in the financial industry is the convergence of several trends, that, though individually benign, will collectively cause unnecessary harm to our nation’s children,” remarked Mr. Codling during his testimony.
  • “In my experience, no other financial technology company has a child’s financial data and privacy protection so integrated in its foundational strategy other than REGO,” said Mr. Codling.
  • A recording of the hearing, including REGO’s testimony, can be found at the following web address: https://www.regopayments.com/rego-payment-architectures-inc-invited-by-u...