Why Are You Getting This?

You signed up to receive The Privacy Professor Tips, initiated contact to stay in touch with Rebecca and/or Privacy & Security Brainiacs (PSB) or consented to receive the Tips. Please read our Privacy Notice & Communication Info at the bottom of this message for more information. You may unsubscribe from there as well. 

Declare Your Independence from Privacy Pirates!

Don’t let privacy pirates from the digital high seas, or the physical land-lubbers steal your privacy. July is looking to be a particularly busy month, not just in the US as folks have their guards down while celebrating holidays, such as Independence Day, but also in locations all around the world. Cybercrooks never take a vacation from scamming people and stealing their identities and personal data. Especially now that they have AI tools to help them be even more deceptive in executing their crimes.

Speaking of pirates…I want to provide a couple of quick statements about intellectual property (IP) rights, and not pirating the IP of others.

• We are very happy when you share our Privacy Professor Tips, in whole or in part with others; we encourage it! However, please cite the appropriate reference to this source when you do. We make it super easy for you; see the citation at the end in the “Permission to Share” section for the statement to include. We’ve had several people notifying us of some of our questions/answers being included in other businesses’s white papers, articles, blog posts, etc., represented as being their original content. Not only is this not cool, it violates IP rights. Please share our work, respect our work, and include citations; thank you!
• On an even more serious topic, we were recently notified of a person claiming to be the founder of The Privacy Professor^® and violating multiple related legal rights. Many thanks to my friends, students and clients for notifying me of this situation. This is a situation anyone with a business could also find themselves in, even when taking all possible business precautions. We will provide a use case about this after all issues have been legally resolved. In the meantime, if you discover someone else claiming to be the founder, owner, or otherwise, of The Privacy Professor^®, please let us know using: info@privacysecuritybrainiacs.com

We received many feedback messages from our June Tips; thank you! We sincerely appreciate each person taking the time to write to us. We are happy to continue receiving positive feedback about the layout of our Tips, and the topics we are covering.

Do you have stories, examples, or concerns about the topics covered in this issue that you would like to provide feedback on? Send them over! We may discuss them in an upcoming Tips.

We hope you are finding all this information valuable. Let us know! We always welcome your feedback and questions. 

Thank you for reading!

Rebecca

We would love to hear from you!

July Tips of the Month

• News You May Have Missed
• Privacy & Security Questions and Tips 
• Data Security & Privacy Beacons*
• Where to Find the Privacy Professor

Thanks again for your positive feedback about our news items! You motivate us to continue looking for those stories that you’ve told us you not only enjoy reading, but that you also find valuable within your own business and personal lives. The following provides a wide range of interesting security and privacy related news that demonstrate that such types of risks exist basically anywhere in the world, and that everyone needs awareness. Here is a list of 20 such articles, most with associated quotes included, that our Privacy & Security Brainiacs team found interesting throughout the past month, in no particular order. Read next month for even more. Do you have interesting, unusual, bizarre or odd stories involving security and privacy? Let us know!

1.   Free wine hidden in small print claimed after three months. Tax Policy Associates added the clause in February as an experiment, to see if anyone would actually read the full terms. NOTE: How often do you, your family, friends and/or co-workers read privacy policies on websites?

2.   A Johnston, Iowa, man was arrested June 25 for allegedly placing a digital camera, disguised as a pen, in the dressing room of a West Des Moines Target store. NOTE: Stay alert for common-looking objects located in areas where you would expect privacy. These situations where disguised recording devices are found are increasing.

3.   Polk County, Iowa, using online surveillance software that critics say could be privacy overreach. 

4.   Cyberattacks crippled thousands of car dealers. Here’s what to know: the cyberattacks on CDK Global led to a shutdown of sales, financing and payroll systems for many dealerships in North America.

5.   New cars in California could alert drivers for breaking the speed limit. The technology, known as intelligent speed assistance, uses GPS technology to compare a vehicle’s speed with a dataset of posted speed limits. Once the car is at least 10 mph (16 kph) over the speed limit, the system would emit “a brief, one-time visual and audio signal to alert the driver.” NOTE: Several privacy groups are concerned about how this data may be shared.

6.   Rear-end crashes prompt probe into Amazon's Zoox self-driving cars. Either they learned to brake-check or motorcycles were following too close.

7.   Tesla recently recalled over 2 million cars in the U.S. following a two-year investigation by the National Highway Traffic Safety Administration (NHTSA) prompted by a series of crashes involving Tesla cars using the Autopilot feature. In response, Tesla released a software update in December for cars equipped with the system, adding more controls and alerts that would “encourage the driver to adhere to their continuous driving responsibility” while using Autosteer, a component of Autopilot.

8.   AI Is Deciphering Your Corporate Trade Secrets. AI can uncover hidden relationships, infer processes, and even reverse-engineer products that were once thought to be secure. This capability not only poses a risk to the financial health of companies but also raises serious legal and ethical questions.

9.   Ascension health system ‘making progress’ to restore systems after ransomware attack. Ransomware is continuing to increase in occurrences. All types of organizations need to review and update their backup and disaster recovery plans, along with training and awareness communications, to stem the increase in ransomware.

10. Windows AI feature that screenshots everything labeled a security ‘disaster.’ A new AI-powered Recall feature that screenshots everything you do on your PC every few seconds debuted on June 18^th. Everything in Recall is designed to remain local and private on-device. Despite Microsoft’s promises of a secure and encrypted Recall experience, cybersecurity expert Kevin Beaumont has found that the AI-powered feature has some potential security flaws.

11. 31% of cloud data breaches caused by human error or misconfiguration, according to a study of 2,961 tech professionals in 18 countries from Thales Group. 28% of cloud data breaches were from exploitation of a known vulnerability, and 24% were from exploitation of a zero-day vulnerability.

12. From CISA: Categorically Unsafe Software. “Many top software products fail to protect their customers from exploitation of the most common classes of defect.” NOTE: This is one of the reasons we are so passionate about our Secure Coding course, and upcoming related courses. We need to make our software more secure!

13. Starlink suffers 'degraded service' from solar storm but emerges intact. Unusually high activity from Sun may have also hastened Hubble's demise. DISCUSSION QUESTIONS: How could cybersecurity and physical security protections have been used to have limited the damages and degradations?

14. Planning to drive in another country? Here’s how to avoid International Driver’s Permit scams.

15. Maine Data Breach Notification. An Ohio Lottery breach impacted 538,959 people. 56 were Maine residents.

16. Wichita Eagle (may require email to read in some locations): Wichita police, traffic records compromised in cyberattack. Wichita police and traffic records were compromised in the ransomware attack on city government, giving hackers access to an unspecified number of people’s personal information, including names, Social Security numbers, driver’s licenses and other state IDs, and payment card information.

17. Japan, U.S. and others approve protocols for cross-border personal data transfers. Companies meeting security, privacy requirements can freely send information.

18. Europol confirms incident following alleged auction of staff data. Intelligence-sharing platform remains down for maintenance. The event hasn't been acknowledged as a break-in to the systems, although the European Union's crimefighting agency hasn't explicitly denied the legitimacy of the claims.

19. Tutor.com Faces Scrutiny Over Data Privacy Concerns. A Senate committee is investigating the Chinese-owned company.

20. Poland says Russian cyber-spies targeted government networks. In an interview with Ukrainian news service Economic Truth cited by Polish state news agency PAP, Digital Affairs Minister Krzysztof Gawkowski said Warsaw was constantly identifying cyberattacks from Russia on targets including the water supply and the health service.

Have you run across any surprising, odd, offbeat or bizarre security and/or privacy news? Please let us know! We may include it in an upcoming issue.



We continue to receive a wide variety of questions about security and privacy. Questions about HIPAA and personal health data are also increasing. Thank you for sending them in! This month in addition to our Question of the Month we’ve included four Quick Hits questions.

Are the answers interesting and/or useful to you? Please let us know! Keep your questions coming!

Question of the Month:



Q: I have a lot of questions about tech on my phones! When it comes to our tech, what are “cookies” and what is “cache”? Are they the same thing or related? If you think it’s a good idea, why should we delete these from our devices? Is there a reason why we shouldn’t delete cookies and cache? Anything else I should know?

A: Great questions! Since you’re asking about your phones, I’ll narrow the scope of my high-level answers to iOS and Android phones. 

Let’s say a friend asks you over for a brisket dinner via a text to your phone. And you wonder, “Is brisket beef? Pork? Chicken?” So, you do an online search and go to a website that explains what it is, along with showing recipes, and products to purchase. Later that day you start getting ads for brisket at grocery stores, in restaurants, etc. Is this creepy to you? Well, it is likely because of digital cookies and/or cached data.

Simply put, cookies are tiny data files that are written to your computing device. They can contain information about such things as words you used in online searches, and the web pages you visited. Cookies are also used to remember your preferences you’ve set within your browser, to track statistics on usage of various sections of web pages, digital properties of your device, and many other types of data.

Just like edible cookies, there are different types of digital cookies.

• Essential, or “strictly necessary” cookies. Generally, these are cookies that are needed to for a website to function correctly and do not require user consent. They remember what you are doing within a website as you go from page to page. For example, if you are on a retail site, and you want to buy multiple items that are on different web pages, they would use essential cookies so that you could fill your digital cart with those items, instead of needing to purchase each item separately on each item page. This is one way that essential cookies help to make your online shopping easier, as well as making it easier to do other types of page-to-page activities. Examples of essential cookies include session cookies, user-input (aka session-id) cookies, authentication cookies, load-balancing cookies, and user-centric security cookies (e.g., keeping track of incorrect login attempts). If you delete essential cookies, you may lose functionality at the associated websites, may need to sign into the site again if you had it set up to “stay logged in,” your saved preferences (e.g., language, currency, etc.) could be deleted, navigation of the website could be much harder, or may error out, and you would lose your cart data. 
• Non-essential cookies. Simply put, these are cookies that require user consent and are not needed for the site to function correctly. Some examples include analytics and customization cookies (e.g., tracking user activity), advertising cookies (e.g., customizing ads shown to the user based on browsing history), and social media tracking cookies (allowing users to share to social media sites, while tracking the website from where the shared data came from). One way to limit how your online activities are tracked, and keep comprehensive profiles from being created about you, is to delete these after you’ve visited a website.

Most Android and iOS browsers allow you to block cookies. However, if you block or disable cookies, largely the essential cookies, it may disrupt the functioning of the website. For example, the websites won’t remember passwords as you navigate throughout their site, which could be very frustrating for you. Most websites now show choices for which cookies to accept in cookie banners. A good rule of thumb for protecting your privacy is to block all cookies except for essential cookies.

A cache (pronounced like the money term, “cash”) on a mobile phone (and other computing devices) is the temporary storage area for data that can be used again at a future time. Cache is much different than cookies. Caching helps to make it quicker for your phone to load apps and websites. Why? The first time you visit a website, your browser downloads a copy of the site and stores it in your cache. When subsequently visiting the site, your phone doesn’t need to download the site; so you can load the page more quickly. If you visit that website where you first learned about brisket again, it will load more quickly.

Some apps, websites, and other technologies, are engineered to access cache, which raises privacy concerns because of all the data that is cached when you visit sites, such as the type of site, and the types of videos and images on that site. For example, the texting app you used probably now knows you visited a site where you were looking for information about brisket. Some of your other apps, such as those “free quiz” apps asking about silly topics, probably has access to your cache so it can send the app provider information about the websites you’ve visited. This would be in addition to any data from cookies that were set at that website.

Make sure you read those agreements on apps before downloading them; you may be giving them permission to take your cache data. Actually, some apps will take all data on your phone and have access to all your phone settings if you “agree” to allowing them to when you download them.

There are generally three primary reasons to clear cache regularly:

• Protect privacy. Clearing cache helps to limit how technologies such as websites and apps use data on your phone to track you. It also often removes user preferences for websites, websites visited, titles of videos watched and audio listened to, login information, shopping cart contents, and identifiers (aka user IDs) for server-based sessions. All this information is often used to build profiles about the phone user, and also to target them for ads and other types of contacts.
• Free-up space. Clearing your cache can free-up space on your device.
• Improve performance. Clearing your cache can free up random access memory (RAM), which can improve your phone's overall performance, especially if it's running low on memory. It can also improve issues with apps that are slow, crashing or freezing. Clearing cache can also sometimes force a browser or app to update and work as it should.

Depending your choices when you clear cache, you may need to sign-in to authentication-required sites again. Different versions of phone operating systems require different ways to clear cache. Changes to your phone can also impact how you clear cache.

For even more guidance and tips about these issues, here are some more of our resources: Visit our webpage; check out our blog; subscribe to our YouTube channel; follow us on LinkedIn.

Quick Hits:

Here are four more questions we are answering at a comparatively high level. We provide more in-depth information and associated details about these topics in separate blog posts, videos on our YouTube channel, in infographics and e-books, LinkedIn posts to our business page, and within our online training and awareness courses.

Q: I work with a lot of organizations that are focused on delivering innovation for patient care and patient care providers. It has been over 25 years since HIPAA was passed. How do you feel about that legislation and our commitment to it in the United States?

A: Yes, HIPAA was passed in 1996. Generally stated, the Privacy Rule, supporting one portion of the high-level goals of HIPAA, went into effect in 2003. The Security Rule, supporting another portion, went into effect in 2005.

Actually, the HIPAA regulations were forward-looking when they went into effect. The Privacy Rule had (and still has) many of the forerunners of what are in other privacy regulations worldwide, such as GDPR, passed many years later. For example, giving individuals access to their protected health information (PHI), a type of personal data; requiring accounting of disclosures of PHI to the associated individuals; rights for individuals to view and obtain a copy of their PHI; rights to correct their associated PHI; requiring consent from individuals to share their PHI except for directly specific treatment, payment and operations (TPO) purposes; and many more individual privacy rights. In addition to providing what was generally the first private industry comprehensive data protection regulation in the US.

Also, over the years HIPAA has been updated several times.

In hindsight, I believe it was a mistake that no monetary penalties or meaningful sanctions were applied by the regulatory oversight agency, HHS OCR, when HIPAA first went into effect. The reason they weren’t was logical; generally, to give organizations who were just learning about HIPAA requirements a chance to take actions without being penalized. Giving them the benefit of the doubt, if you will. However, based on copious amounts of research and our own experiences with hundreds of CEs over the years, the majority of CEs simply interpreted no actual penalties for HIPAA non-compliance to meaning they would not face consequences for non-compliance. Actual resolution agreements started in 2008 when Providence Health & Services (Providence) agreed to pay $100,000 and implement a corrective action plan (CAP) in a resolution agreement for losing data backup media and laptop computers containing PHI in 2005 and 2006. No additional amounts of money, as penalties, were applied in this first case. Now, there are additional penalties usually applied, some quite large, depending on the circumstances.

Commitment to HIPAA has grown over the years, and it is now enforceable by not only the HHS OCR, but also by every State AG, who have taken enforcement actions many times over the years. Also, while private actions for non-compliance with HIPAA is not provided as a legal right by the HIPAA regulation, not having HIPAA requirements in place has been a significant factor in many civil cases following privacy breaches when those whose data has been breached have taken hospitals or insurance companies to court. I’ve been involved in such cases as an expert witness.

Q: In December 2023, the U.S. Department of Health and Human Services reported that the medical data of more than 88 million people was exposed in the first 10 months of 2023. The department also saw a 93% increase in large, health care-related breaches reported to the agency between 2018 and 2022. Would you agree that cybercrime is on the rise in the health space?

A: Cybercrime in the healthcare industry is absolutely on the rise! In the healthcare space, and generally all other sectors. Absolutely! There is more data as a result of more digital computing products, and more types of healthcare products that collect more data through medical devices, and other types of IoT products. Add to this the fact that healthcare data is much more valuable to cybercrooks than other types of data, and it becomes a popular target. Plus, the manufacturers of new tech are largely not building in security and privacy capabilities, making it hard for those using them to use them securely in a way that protects data and privacy. This includes healthcare CEs and their business associates (BAs).

Cybercrimes continue to increase from the use of breached health data. A new study from QR Code Generator analyzed each U.S. state’s number of health data breaches reported between 2009 and 2024 to the HHS OCR, by comparing this with 2021 U.S. Census Bureau data on the number of organizations handling health data in each state to see which state has the highest rate of health data breaches per 100 health firms. The study also examined what types of data breaches were most common in each state and how many individuals were affected by each state’s health data breaches. They created and provided the following very interesting tables showing their research findings. After reviewing these statistics, it is not surprising that cybercrime is continuing to increase in the healthcare industry.

Q: I am a systems administrator, and was assigned responsibility for cybersecurity at my small (around 100 employees) business around a year ago. However, I have no formal training in cybersecurity. I was recently blindsided when the owner of our business recently asked me what “fake network traffic” was, since this has become a topic in several of her business management associations’ meetings. I’ve never heard of this before! What should I tell her? 

A: That is very smart to stay up-to-date on what your company’s executives are concerned with regarding security and privacy. All security, privacy and IT pros should be doing this.

Fake traffic, generally described, is network traffic that is not associated with real-life persons or other types of real-life entities or transactions. Fake traffic is found on the internet, and also within organizations’ networks. Such traffic often includes such things as fake users, websites, many more types of fake entities, as well as fake data.

Fake network traffic is used for both cybersecurity benefits, in addition to defeating cybersecurity protections. We have described such concepts in depth within several of our private courses. Here is a high-level overview. Let us know if you are interested in learning more about the details of each.

In beneficial ways…there are many ways fake traffic is used for improving cybersecurity. A few examples include:

• Creating fake network traffic can be used to deceive attackers in segments of the network to serve as a type of honeypot, which is a type of decoy designed to look attractive to attackers used to detect attacker activities. 
• Creating fake network traffic is often used to stress test applications. We use this during the development of our own SaaS applications.
• Creating fake network traffic is also often used when testing network configurations.



In harmful ways to business…here are a few examples:

• From a marketing perspective, fake traffic is a concern because it wastes valuable advertising dollars, pollutes funnels with invalid leads, and ultimately changes analytics used to make critical decisions.
• Fake traffic can create significant reputational risks for brands and businesses. Consider the Twitter, aka X, problems with fake bots. How many businesses will purchase ads on a platform with a disreputable bot problem?
• Creating fake ‘users’ to exploit a company's sign-up incentives at a massive scale. For example, in February 2022, PayPal discovered approximately 4.5 million fake users on its payment processing platform program. When shareholders found out about the failures in the company’s customer acquisition strategy and the accuracy of its user-growth reporting, stock fell sharply; down 25% in just 24-hours.

In harmful ways for cybersecurity…here are a few examples:

• Such fake network traffic can divert cybersecurity pros’ attention away from actual attacks occurring elsewhere in their network.
• Fake traffic can result in successful DDoS attacks. These attacks generate a flooding of fake network traffic to interfere with targeted servers or network links, making them unavailable to valid network users.
• Today, there is an increase in the number of infected devices, even more with the increased use of the Internet of Things (IoT) products, increased incorporation of employee-owned computing devices, unfettered use of downloaded (by employees, contracted entities and individual users) apps that often greatly increase traffic. Growing portions of which include use of AI that is surreptitiously utilizing huge amounts of traffic, utilizing coordinated sophisticated botnets that are hard to detect with current network tools, which can be used to intensify DDoS attacks.
• There are also apps creating fake traffic, used to generate revenue for cyber scammers. For example, DressCode malware, first identified in 2016, was infecting Android operating systems, creating botnets for malicious attackers who created fake network traffic using IP addresses, allowing them to generate revenue based upon traffic metrics that included fake traffic.

Generally, any type of traffic that is generated and not meant to be a real person, real device, real transaction, real data, etc. is fake network traffic. A 2022 Imperva research report found that 47.4% of all internet traffic was fake traffic generated by bots. 

Q: Are data breaches increasing, decreasing, or staying about the same?

A: Glad you asked! Recent studies have been published about this topic.

A new study conducted by SOAX, a data collection organization, analyzed data from the Identity Theft Resource Center (ITRC) on the number of data violation cases from 2020 to 2023 by industry. Each industry has been ranked based on its number of data violation cases in 2023, revealing an astounding rise in cyberattacks from 2022 to 2023:

• The United States experienced a total of 3,205 data breaches in 2023, a 78% increase from 2022.
• 353,027,892 victims were impacted across America by cyberattacks in 2023.

Here is a table from SOAX summarizing the victims per industry:

Cybersecurity threats continue to evolve, posing a threat to all industries across the United States.

We get many suggestions for beacons from our readers and Rebecca’s podcast/radio show listeners; thank you! We include many of them when the suggestions are for businesses other than the suggester’s. Typically for those the suggester feels deserve recognition for noteworthy data security and privacy actions. However, we do not include businesses, organizations, or people trying to promote themselves to get free marketing, and we do not take payments to put organizations or people on this list. We try to contact as many as possible after publishing our Tips to let them know we put them on our beacons list, though. If you have someone or an organization to suggest, let us know! We may include them in an upcoming Tips issue.

• The movie, “Thelma.” A new feature-length movie was released to theaters in the US on June 21. This is a first for us; recommending as a beacon a movie that we’ve not actually viewed…yet. Here’s the synopsis, “When 93-year-old Thelma Post gets duped by a phone scammer pretending to be her grandson, she sets out on a treacherous quest across the city to reclaim what was taken from her.” The reviews have been spectacular. The Washington Post review also advised, “Stick around through the credits for a postscript: brief footage of the real Thelma, Margolin’s own grandmother, whose near-scamming inspired the movie and whose endless curiosity and zest have been imported intact to her namesake. Last we heard, she’s 104 and going strong.” Have you seen this movie? What did you think of it? Think it raised awareness about those who scam seniors?
• Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency (EPA). For their jointly-authored publication, Incident Response Guide for the Water and Wastewater Systems (WWS) Sector. If you know professionals in the public works and/or water utilities industries, consider suggesting this to them.
• IANS. For creating a new type of Privacy Framework with actionable items and associated management support for organizations. Rebecca was asked to create this for IANS, which she was thrilled to do! It is being released in July.
• Ben Rothke. For his informative June 7 article, “There’s a lot of money to be made in crypto — if you are a scammer.” Great advice, Ben!
• Gal Shpantzer. For sending us a heads-up for this short, great awareness video, “Anonymous,” about breaking promises in online and employee surveys, and subsequent online tracking.
• The Wayback Machine. For archiving websites, books, TV shows, and more, since 1996 as part of the non-profit Internet Archive. The June 23, 2024, CBS News Sunday Morning show did an interesting segment about this.
• Reuben Paul. For his advice when he was 11 years old about protecting your privacy. Talk about going way back…at least a few years back. Here is great advice from a highly insightful child about security and privacy from 2017 that still applies today.  
• Identity Theft Resource Center (ITRC). For their “2023 Trends in Identity Report,” and associated infographic.

*Privacy Beacons do not necessarily indicate that an organization or person is addressing every privacy protection perfectly. It simply highlights a noteworthy example of privacy-aware practices.

Check It Out!

We have published the episode 4 of our “2-Minute Warning” security and privacy videos.

PSB 2-Minute Warning Episode 4: Harms Caused by Posting Personal Data to Online Sites

This month we will be publishing the next episode of our 2-Minute Warning videos.

“HIPAA Basics for Business Associates: 2024 Edition.” Check it out at our site. This month we will be publishing our new online course, “HIPAA Basics for Covered Entities: 2024 Edition.”

What topics would you like to see us create online courses for? Let us know!

We are proud to announce that Rebecca was the highlighted alumna of the 1^st quarter issue of one of her alma maters, the University of Central Missouri (UCM), where she graduated Summa Cum Laude with B.S. degrees in Mathematics and Computer Science. You can see what they wrote, and her 7 tips to help prevent being a victim of cybercrime here.

Debbie Laskey included my answers to her leadership questions in her "Spring Leadership Series." Thank you, Debbie

Rebecca’s article, “Best practices for securing critical and public infrastructure,” was published in Security Magazine.

Rebecca provided insights to Cam Sivesind’s SecureWorld article, “The Promise and Perils of AI in Healthcare.”

On June 6 at 4:00 PM Eastern, Rebecca was a panel member and moderator for the Identity and Access Management Solutions Review Mini Jam Live Session, "Passkeys: The Great Password Killer." It was an interesting and insightful conversation. With fellow panel members Chase Doelling,  Jason Kent, Kayne McGladrey, and Pedro Martinez.

On August 28, Rebecca will provide the ending keynote for the SecureWorld virtual Manufacturing & Retail conference. Her talk is titled, “Navigating the Future: Privacy and Cybersecurity Challenges in the Era of an All-Connected World.” Use this link to register for free and get 6 CPEs: 

https://www.engagez.net/sw-manufacturing-retail-2024#lct_last=lobby&lct=entrance

On May 1, Rebecca gave the opening keynote for the 2^nd Annual SecureWorld Healthcare Virtual Conference. Titled, “Navigating the Future: Privacy and Cybersecurity Challenges in the Era of Smart Medical Devices.” If you missed it, you can still register for this free event, and watch the recordings of the talks, which will be available until August 1. CPEs will also be given for watching the event. To watch it, click, “View This Event,” then, “Register Now.” It is free.

Announcement! Plan now to attend Rebecca’s 2-day course with EPIC live, online training November 21. “Cybersecurity for Engineers and Technical Professionals.”

The Privacy Professor | Website

Privacy & Security Brainiacs| Website

Permission to Share



If you would like to share, please forward the Tips message in its entirety. You can share excerpts as well, with the following attribution:

Source: Rebecca Herold. July 2024 Privacy Professor Tips

www.privacysecuritybrainiacs.com.

NOTE: Permission for excerpts does not extend to images.

Privacy Notice & Communication Information

You are receiving this Privacy Professor Tips message as a result of:

1) subscribing through PrivacyGuidance.com or PrivacySecurityBrainiacs.com or

2) making a request directly to Rebecca Herold or 

3) connecting with Rebecca Herold on LinkedIn. 

When LinkedIn users invite Rebecca Herold to connect with them, she sends a direct message when accepting their invitation. That message states that in the spirit of networking and in support of the communications that are encouraged by LinkedIn, she will send those asking her to link with them her monthly Tips messages. If they do not want to receive the Tips messages, the new LinkedIn connections are invited to let Rebecca know by responding to that LinkedIn message or contacting her at rebeccaherold@rebeccaherold.com. 

If you wish to unsubscribe, just click the SafeUnsubscribe link below.