Chino.io - Data Breaches

3 ways digital health apps can avoid scandal

October saw a worrying new form of crime targeting digital health. We are only now starting to see the implications. Here, I explain how you can help protect your users.

GDPR Compliance

Audit logs and audit trails for digital health applications

Logs and audit trails are a key requirement for GDPR and HIPAA compliance. In this blog, we examine what data you need to log and why.

Data Protection

Why data security is critical for healthcare

After every major data breach, people wonder how secure their personal data is. They briefly panic about it, but within days they have forgotten. For companies, the story is similar. All too often, they are lulled into a false sense of security about their own data security policies.

Data Breaches

Health data breach affects 24 million

A health data breach has revealed millions of patient records on the Internet. This highlights the critical importance of data security in healthcare.

Data Breaches

GDPR fines in Denmark: 3 important lessons

> GDPR threatens huge fines if you don’t comply. However, we often meet companies who think they will never face penalties. This is partly because some countries delayed enforcing GDPR. But as we

News

€320m! GDPR fines really hurt, and eHealth may be next...

The UK ICO has fined BA and Marriott a total of 320 million Euro. The scale of the fines has profound implications for every business. Here, we look at how this highlights the importance of GDPR technical measures, and the impact on eHealth.

Data Breaches

Whoops! The data security mistakes we all make

No data security is ever foolproof. There is always a weak link in the security chain, and all too often that link is a human. In this blog, we look at some of these human factors and suggest ways you can help to reduce these risks.

MDR

What MDR class is my software?

The new Medical Device Regulation promotes many eHealth apps to Class II or even Class III medical devices. Use our useful infographic to find out what MDR class your app is.

Data Protection

What is Pseudonymous data according to the GDPR?

Anonymisation and pseudonymisation are two key concepts for the General Data Protection Regulation (GDPR). The GDPR provides exceptions to many of the most burdensome provisions of the regulation when steps are taken to de-identify personal data using anoymisation or pseudonymisation.

MDR

MDR and GDPR – how are they related?

The new MDR becomes mandatory from 2020. Many eHealth applications will now be classed as medical devices. Here we discuss how MDR is related to GDPR and how they impact application development.

GDPR Compliance

[ITA] Certificazioni secondo la GDPR: il Garante Italiano fa il punto

Il Garante ha preso le distanze da entità o aziende che hanno offerto finora certificazioni alle imprese, per due motivi (come si può anche vedere nello schema soprastante).

Data Breaches

Data Breaches and Hacks in the Healthcare Sector - 2016 Global Trends

During 2016 data breaches techniques and attempts changed dramatically on a worldwide scale, and the healthcare sector was one of the most targeted fields.

Data Protection

What Digital Health businesses should know about GDPR Data Portability

As you may already know, the new GDPR (General Data Protection Regulation) will be effective from May 2018, introducing a new framework for everyone who processes EU citizens' personal data.

Data Protection

Dynamic IP addresses are personal data and why should care about it

The Court of Justice of the European Union (CJEU) has recently sentenced that dynamic IP addresses should be considered as personal data.

GDPR Compliance

Data storage breaches and fines in healthcare in 2014 in Italy

Processing sensitive data like, healthcare is risky. In the case of violations of rules, Data Controllers can incur into civil, administrative, and in some states even criminal sanctions. Depending on how Apps and services are distributed, Data Controllers can be represented by different figures.

GDPR Compliance

Sanzioni violazioni privacy, nuova GDPR e ispezioni Garante nel 2014

Il trattamento dei dati personali e sensibili come quelli sanitari è un’attività a rischio.