UIDAI, which administers the Aadhaar program, has some simple advice: Avoid behaviors such as what R.S. Sharma, chairman of the Telecom Regulatory Authority in India, did on Saturday, when he tweeted his Aadhaar number.
Reacting to the draft of a new data protection bill for India, which was released Friday, many security and privacy experts are saying the bill is thin on specifics and that if it's enacted into law, some of its provisions could prove challenging to implement.
In the wake of the Facebook/Cambridge Analytica scandal, India needs a strong data sovereignty policy to regulate data storage and use, says Vinit Goenka, governing council member of IT Task Force-Ministry of Railways.
The Ministry of Electronics and Information Technology late Friday released the long-awaited draft of a data protection bill, which now faces Parliamentary debate. The bill, which would require most data about Indians to be stored domestically, was drafted by a committee of experts headed by Justice B.N. Srikrishna.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
Privacy rights groups are calling on the Court of Justice of the European Union to clamp down on at least 17 EU governments that require domestic telecommunications firms to store all communications data, despite the court having ruled that such mass surveillance practices are illegal.
As a committee headed by retired Supreme Court Justice B.N. Srikrishna prepares to release a draft of a data protection law for India, some security experts working closely with the panel say data sovereignty will be a priority issue.
At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
With Alabama and South Dakota recently becoming the last two states to adopt breach notification laws, notification processes become more complicated, says privacy attorney Adam Greene, who offers an in-depth analysis.
The unfolding story of Cambridge Analytica, which shows how personal information on millions of consumers was obtained via Facebook, demonstrates the degree to which our personal data can be weaponized against us.
Some security experts in Asia are raising concerns about legislation the European Union might soon consider that, if enacted, would force technology and social media companies to hand over customer data held outside the EU so it can be used in criminal investigations.
For public sector technology leaders evaluating technologies to combat malware attacks, this report offers important considerations for deploying cloud-based security.
Ransomware and other data security threats are a serious concern for any organization, but the stakes are higher and the risks are greater for...
The Payment Card Industry (PCI) established the Data Security Standard (DSS) in order to reduce the risk organizations and consumers face in relation to credit card fraud, hacking and various other security issues. A company processing, storing or transmitting credit card numbers must be PCI DSS compliant or it risks...
Adoption of the new General Data Protection Regulation (GDPR) is motivating organizations worldwide to improve existing technical controls for securing personal information. Organizations should be especially aware that the GDPR and other recent legal developments amplify the negative repercussions of a data security...
Singapore's new cybersecurity law passed earlier this week mandates that owners of critical information and infrastructure report cybersecurity incidents to the Cybersecurity Agency. Security experts discuss organizations' readiness to comply.