According to recent reports, the European Data Protection Board has released guidelines on health data processing for research purposes and using Geo-location and other tracking mechanisms to combat COVID-19.The guidelines address the legal basis for processing, cross-border data transfers, safeguards for data subject rights, and more. With the Geo-location and tracking guidance, the EDPB has clearly stated the acceptable purposes for using location data or contact tracing while urging considerations for the effectiveness, necessity, and proportionality principles.
For more info: https://edpb.europa.eu/news/news/2020/european-data-protection-board-twenty-third-plenary-session-edpb-adopts-further-covid_en
The office of the Australian Information Commissioner has developed a toolkit that organizations can use to show their unabashed support for privacy during the Privacy Awareness Week, taking place from the 4th of May 2020 to the 10th of May 2020.The toolkit includes downloads for social media and email signatures, as well as internal communications employers can share about PAW. This year’s theme is “Reboot your privacy.”
For more info: https://iapp.org/media/pdf/resource_center/paw_2020_supporter_toolkit.pdf
The Digital Advertising Accountability Program has reportedly brought app developer Mammoth Media and the Recovery Centers of America into full compliance with the Digital Advertising Alliance’sAlliance’s best practices for privacy and interest-based advertising.
For more info: https://bbbprograms.org/media/details/privacy-group-brings-app-publisher-and-website-of-health-treatment-centers-into-compliance-with-best-practices
Nintendo, a popular video game company, in a post on their website, said an impersonation of its “Nintendo Network ID” resulted in “an illegal login” to approximately 160,000 Nintendo accounts.
The company revealed that superusers’ nickname, birth date, country/region, and email address might have been viewed by a third-party. Nintendo stopped login abilities through the Nintendo Network ID and reset passwords for NNID; they also informed that accounts that may have been affected.
For more info: https://www.nintendo.co.jp/support/information/2020/0424.html
According to the Washington Post, a data breach may have exposed the personal information of nearly 8,000 U.S. Small Business Administration emergency loan applicants to other applicants.The breach was discovered on the 25th of March 2020 and has reportedly lasted for an unknown amount of time. Affected personal information may include names, Social Security numbers, addresses, birthdates, and email addresses.
For more info: https://www.washingtonpost.com/business/2020/04/21/sba-data-loan-small-business/
According to Health IT Security, the non-profit health system Banner Health is expected to improve its information security program and pay up to $8.9 million to the 3.7 million patients impacted by a June 2016 data breach that occurred within its system.
A U.S. District Court of Arizona federal judge has approved a class-action lawsuit settlement with the said requirements. In the breach reported, hackers had accessed patient Social Security numbers, as well as health insurance and claims data.
For more info: https://healthitsecurity.com/news/judge-approves-8.9m-banner-health-settlement-over-2016-data-breach
ZDNet reports, Zoom, the teleconference app, announced the addition of data center routing further to protect user calls and accounts from data breaches. With the new routing, Zoom aims to increase ‘users’ trust that chats and encryption keys have not been hacked.Despite eclipsing 300 million users, companies worldwide continue to ban the use of the app, including recent abandonment by companies in both Germany and Sweden.
For more info: https://www.zdnet.com/article/zoom-adds-data-center-routing-security-updates/