The aftermath of COVID-19 may change the way attorneys and other legal professionals think about or execute their work, but the privacy landscape could remain largely untouched. While obligations under the Health Insurance Portability and Accountability Act have been temporarily relaxed to facilitate the public’s access to telemedicine, the enforcement Read More
The Institute of Internal Auditors has released a new report to assist internal auditors in assessing their current level of preparedness regarding privacy and data protection issues. The first guide in a three-part series, “Privacy and Data Protection — Internal Audit’s Role in Establishing a Resilient Framework,” provides guidance on Read More
A data breach at health care provider Nebraska Medicine came to light during an internal audit of the system’s electronic medical record system. The hospital notified the Nebraska Attorney General’s office on November 27, and notified affected patients on December 2. The breach involves unauthorized access by an employee, who Read More
As organizations continue to collect customer and employee data, chief audit executives are becoming increasingly concerned about how their organizations govern and protect it, according to a new report from research and advisory firm Gartner. According to Gartner’s annual Audit Plan Hot Spots Report, data governance has risen to the Read More
A new study examines the biggest challenges impacting IT audit professionals as they navigate an evolving risk landscape in an era of digital transformation. The 2019 Global IT Audit Benchmarking Study is the eighth annual audit research project conducted by consulting firm Protiviti and ISACA, a professional association for IT Read More
Facebook has suspended tens of thousands of applications on its platform during an internal audit investigation it launched into app developers following the Cambridge Analytica scandal. Many were found to be improperly harvesting user data. “To date, this investigation has addressed millions of apps. Of those, tens of thousands have Read More
Businesses today cannot be separated from their digital assets. Data drives every aspect of business, from strategic decisions to tactical operations, and all that data is stored in, accessed by, and transmitted across networked systems. Keeping cyber risks under control is a critical issue for any company. Even small, non-tech-oriented Read More
Equifax has agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement with the Federal Trade Commission, the Consumer Financial Protection Bureau (CFPB), and 50 U.S. states and territories, which alleged that the credit reporting company’s failure to take reasonable steps Read More
French data protection regulator CNIL has imposed a €50 million ($57 million) fine on tech giant Google for failing to comply with the EU’s General Data Protection Regulation (GDPR). The EU privacy law, which took effect last May, is among the most strict set of data privacy regulations in the Read More
Among the many things that may keep internal auditors up at night are cybersecurity, compliance, and data security and protection, according to a recent survey by the Chartered Institute of Internal Auditors. These top three concerns significantly outrank other risk categories like human resources, regulatory change, and digitalization, although, of Read More
