Data brokering has become a multi-billion dollar industry, with the personal data of millions across the world being accumulated and traded in the hope of driving corporate growth while promising enhanced consumer experiences.
Hospitals, insurance companies, and debt collectors need to step up their communication efforts to prevent the illegal collection of medical debts that have been previously paid or covered by providers’ charity care programs, according to the CFPB in its report to Congress on the status of the FDCPA, issued on September 5, 2024. Communication to consumers from debt collectors should provide more specific information about debts to enable consumers to identify the accounts on which collectors seek payment, as well.
As businesses move online and data becomes a critical asset, organizations must navigate a minefield of potential threats. And with the news Thursday (Sept. 12) that Lehigh Valley Health Network (LVHN), one of the largest primary care groups in Pennsylvania, has paid a $65 million settlement to patients impacted by a breach that saw their sensitive personal information stolen by a criminal ransomware gang, socializing best practices across the entire organization and fostering a culture of security is top of mind for firms across sectors — particularly for leaders like chief information security officers (CISOs).
Fortinet on Thursday confirmed suffering a data breach impacting customers after a hacker leaked files allegedly belonging to the cybersecurity company. The hacker, who uses the online moniker ‘Fortibitch’, made the announcement on a popular hacking forum and claimed that the data — 440 Gb in total — came from an Azure Sharepoint instance.
Since the passage of the California Consumer Privacy Act (CCPA) in 2018, other U.S. states have followed suit by enacting comprehensive consumer data privacy laws in rapid succession. While these state consumer privacy laws tend to have similar themes and address comparable topics, there are also important differences among them — meaning a one-size-fits-all data privacy program will not suffice. Given that the federal government has yet to pass a comprehensive consumer data privacy law, organizations must ensure they comply with the law of each applicable state and monitor this rapidly evolving regulatory environment.
.jpg)
.jpg)