DATE: April 22, 2025 at 03:19PM
SOURCE: HEALTHCARE INFO SECURITY

Direct article link at end of text block below.

Potential #DataPrivacy #Regulatory Hurdles Facing #Telehealth https://t.co/p3qiwcPoSn #NYS

Here are any URLs found in the article text:

https://t.co/p3qiwcPoSn

Articles can be found by scrolling down the page at https://www.healthcareinfosecurity.com/ under the title "Latest"

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Healthcare security & privacy posts not related to IT or infosec are at @HIPAABot . Even so, they mix in some infosec with the legal & regulatory information.

-------------------------------------------------

#security #healthcare #doctors #itsecurity #hacking #doxxing #psychotherapy #securitynews #psychotherapist #mentalhealth #psychiatry #hospital #socialwork #datasecurity #webbeacons #cookies #HIPAA #privacy #datanalytics #healthcaresecurity #healthitsecurity #patientrecords @infosec #telehealth #netneutrality #socialengineering

Just catching up on news now?
No worries.
I gotchu, boo.

I paid attention to the #InfoSec and #DataPrivacy news from over the weekend so you wouldn't have to! 

Read, subscribe, share!

“What'd I Miss?" The Sherpa Intelligence Weekend News Roundup for April 18-20, 2025.

https://sherpaintelligence.substack.com/p/whatd-i-miss-april-18-20-2025

Google's "Results about you" (which you should use: https://myactivity.google.com/results-about-you) alerted me that my name and address were listed on kompass.com.
I looked, and I'm listed as a "Principal" of a former employer where I never was, with my home address falsely listed as the company's.
It lists the wrong business category and website for the company.
The company went out of business years ago, years after I left.
This illustrates how accurate B2B lead generation data brokers are.
#Kompass #dataPrivacy

ICYMI: Meta to use public posts to train AI models, users can opt out https://ppc.land/meta-to-use-public-posts-to-train-ai-models-users-can-opt-out/ #Meta #AI #Privacy #DataPrivacy #SocialMedia

ICYMI: Meta to use public posts to train AI models, users can opt out: Meta announced plans to harvest public user content for AI training, raising privacy concerns. https://ppc.land/meta-to-use-public-posts-to-train-ai-models-users-can-opt-out/ #Meta #AI #Privacy #DataPrivacy #SocialMedia

Palantir is facing renewed scrutiny over its $30M contract with ICE — but the company is doubling down on its mission.

Y Combinator founder Paul Graham criticized Palantir for building tech that powers what he called the “infrastructure of the police state.” The comments were sparked by filings revealing that ICE is working with Palantir to develop an “Immigration Lifecycle Operating System” — a tool designed to help identify deportation targets and monitor self-deportations in near real-time.

In response, Palantir’s global head of commercial, Ted Mabrey, issued a strong defense of the company’s work:
- He cited Palantir’s origins with DHS after the murder of Agent Jaime Zapata in an anti-cartel operation
- He emphasized the life-saving potential of Palantir’s software and the high stakes its engineers face
- He framed the criticism as a familiar attack on mission-driven government tech, referencing Google's Project Maven
- He reiterated the company’s values: belief in mission, resilience under scrutiny, and commitment to lawful use of technology

While Mabrey didn’t directly address Graham’s challenge to formally commit that Palantir won’t support unconstitutional practices, he noted the company has made that commitment internally and publicly “in many ways from Sunday.”

Palantir continues to recruit with a clear message — that Western democracies must not lose their technological edge and that responsible partnerships with government are essential.

What this debate highlights:
- The growing divide in tech around public sector work, especially involving surveillance and law enforcement
- The challenge of building secure tools that serve national interests while protecting civil liberties
- The reputational risks companies face when government contracts intersect with immigration and constitutional rights

At @Efani, we’re deeply aware of the tension between innovation and privacy — and this is a reminder that cybersecurity, data ethics, and constitutional accountability must evolve together.

I paid attention to the #InfoSec and #DataPrivacy news from over the weekend so you wouldn't have to!

Read, subscribe, share - "What'd I Miss?" The Sherpa Intelligence Weekend News Roundup for April 18-20, 2025.

https://sherpaintelligence.substack.com/p/whatd-i-miss-april-18-20-2025

Alright I now regret using #Firefox. Not because #Mozilla did shoot with the source code. Because its blocker doesn't protect my #privacy. I also regret reading about ADHD on my Android phone on #Chrome or even having a normal #Android phone.

Last week I read about ADHD on the web using Android's stock Chrome, now Google ads is showing me advertisements about ADHD. Down with you Google.

If anyone cares about their privacy, they should avoid #Google like #plague It's a pity still people use the services it offers including the search engine.

The #Web has become a bad and creepy place. For now I'm switching to #LibreWolf.

New Tool Exposes How Ads in Apps Use Network Data Tracking to Trace Your Location

#MobilePrivacy #AppSec #DataPrivacy #AdTech #Privacy #Cybersecurity #InfoSec #LocationTracking #DataBroker #Surveillance #Android #iOS #PrivacyTools #SecurityResearch

https://winbuzzer.com/2025/04/20/new-tool-exposes-how-ads-in-apps-use-network-data-tracking-to-trace-your-location-xcxwbn/

EU's attempt to fix GDPR enforcement backfires spectacularly: How a well-intentioned regulation became a bureaucratic nightmare. https://ppc.land/eus-attempt-to-fix-gdpr-enforcement-backfires-spectacularly/ #GDPR #DataPrivacy #EURegulations #Bureaucracy #DigitalRights

This is been a common trend across many companies. Government sponsored data breaches are a major threat.

https://www.youtube.com/watch?v=3yD9WMbTsDQ

Nein, auch Du hast etwas zu verbergen. Legt Widerspruch ein gegen die Verwendung Eurer Daten zum Trainieren KI von #Meta in #Facebook, #Instagram oder #WhatsApp #Datenschutz #DataPrivacy > https://bit.ly/43W0gYw

A new U.S. House report on DeepSeek highlights how one Chinese AI model may be quietly reshaping global AI strategy — and risking American data privacy.

The House Select Committee on the CCP has released findings on DeepSeek’s R1 model, revealing:
- $420M in funding from High-Flyer Quant, a Chinese trading firm
- Access to 10,000+ NVIDIA A100 chips via the Firefly supercomputing infrastructure
- Ties to China's surveillance ecosystem, including China Mobile
- Allegations of illegal training data use and export control circumvention
- App behavior that mimics spyware: collecting device IDs, typing cadence, and chat history

Lawmakers warn that DeepSeek:
- Functions as an open-source intelligence asset for China
- Circumvented guardrails from U.S. AI companies to accelerate its own development
- Operates under a tightly controlled tech ecosystem with deep state-linked partnerships

An OpenAI exec told the committee that DeepSeek “circumvented guardrails to extract reasoning outputs,” accelerating their model using techniques like distillation — potentially copying U.S. tech at lower cost.

Even more concerning:
- User data is routed via infrastructure tied to China Mobile
- DeepSeek does not encrypt much of its traffic
- It censors content critical of the Chinese government

What this means:
- Export controls alone aren’t enough — the U.S. must improve early threat tracking
- Agencies should restrict procurement and usage of Chinese AI models
- More visibility and scrutiny are needed around AI supply chains and infrastructure

At Efani, we believe real AI security starts with understanding who’s behind the tools we use — and where our data ends up. This report is a wake-up call for all of us building or relying on AI systems today.

A judge in Nevada has ruled that “tower dumps”— the law enforcement practice of grabbing vast troves of private personal data from cell towers — is unconstitutional. Read more at @404media. #DataPrivacy #4thAmendment #Tech #Technology https://flip.it/76ymUv

The countdown to the weekend begins with Five for Friday, the Sherpa Intelligence roundup of #InfoSec and #DataPrivacy news you may have missed from this past week April 14-18, 2025!

Read! Subscribe! Share!
https://sherpaintelligence.substack.com/p/five-for-friday-18-april-2025

Interested in an easy to use one-click for users #Wireguard setup?

We are maintaining an #IPv6 enabled and up-to-date version of #wg-access-server.

Want new features or contribute?

Go here:
https://github.com/freifunkMUC/wg-access-server

Our own VPN servers are also running this server.

https://vpn.ffmuc.net

ICYMI: Navigating the Hidden Risks of LLMs in Modern Marketing https://ppc.land/navigating-the-hidden-risks-of-llms-in-modern-marketing/ #Marketing #DataPrivacy #LLM #DataProtection #PrivacyChallenges

ICYMI: Navigating the Hidden Risks of LLMs in Modern Marketing: An in-depth examination of privacy challenges posed by large language models and effective mitigation strategies for data protection compliance. https://ppc.land/navigating-the-hidden-risks-of-llms-in-modern-marketing/ #Marketing #DataPrivacy #LLM #DataProtection #PrivacyChallenges

EGroupware Maintenance Release 23.1.20250416
Great new features and some fixes
Release notes:
https://help.egroupware.org/t/egroupware-maintenance-release-23-1-20240416/79030

Ameriprise Financial, a Fortune 500 company, notified thousands of customers that an ex-employee's error exposed their personal details.

#privacy #cybersecurity #databreach #datasecurity #dataprivacy

https://cnews.link/ameriprise-financial-advisor-data-breach-clients-1/