stefan – Page 82 – Privacy Design®

HIPAA OCR Health Mobile App Developer Portal

https://hipaaqsportal.hhs.gov/

xcertia mhealth mobile app guidelines

https://xcertia.org/the-guidelines/

June 13, 2019June 13, 2019

NCCoE NIST Cybersecurity Practice Guide, Mobile Device Security: Cloud and Hybrid Builds

was released on February 21, 2019. For ease of use, the draft guide is available to download or read in volumes:

SP 1800-4a: Executive Summary
SP 1800-4b: Approach, Architecture, and Security Characteristics
SP 1800-4c: How-To Guides

https://www.nccoe.nist.gov/projects/building-blocks/mobile-device-security/cloud-hybrid

HealthIT.gov – How Can You Protect and Secure Health Information When Using a Mobile Device?

https://archive.healthit.gov/providers-professionals/how-can-you-protect-and-secure-health-information-when-using-mobile-device

Spanish DPA (AEPD): Analysis of Information Flows in Android – Tools for compliance with Accountability

The objectives of the study focus on:

Defining the context and conceptual framework of the detection of the personal data communications in applications executed on an Android operating system.
Demonstrating the elevated risk in the mobile application environment of leaks of personal data and the need to carry out an evaluation of data flows
Studying the existing techniques for the detection and analysis of personal information flows in Android Applications.

https://www.aepd.es/media/estudios/estudio-flujos-informacion-android-en.pdf

June 13, 2019June 13, 2019

Data quality and artificial intelligence (AI) – mitigating bias and error to protect fundamental rights

https://fra.europa.eu/en/publication/2019/artificial-intelligence-data-quality

June 13, 2019June 13, 2019

Zulässige Speicherfrist bei Bewerberdaten nach Abschluss des Bewerbungsverfahrens

Sieben Monate nach Abschluss des Verfahrens
https://www.dataprotect.at/2019/06/10/zul%C3%A4ssige-speicherfrist-bei-bewerberdaten-nach-abschluss-des-bewerbungsverfahrens/

Spanish DPA fine LaLiga 250,000 euros for a mobile app that uses microphone to find unlicensed soccer viewing in bars

.. without informing the users..

https://www.eldiario.es/tecnologia/Agencia-Proteccion-Datos-Liga-microfono_0_908859408.htm

June 13, 2019June 4, 2020

Danish DPA fines IDesign S/A (a furniture company) ~200,000 EUR for data retention issues.

https://www.datatilsynet.dk/tilsyn-og-afgoerelser/afgoerelser/2019/jun/tilsyn-med-iddesigns-behandling-af-personoplysninger/

Data deletion, data retention concepts

Hackers installed advanced backdoor on Android device

Advanced backdoor were pre-installed on Android devices before they left the factories in 2017.

https://arstechnica.com/information-technology/2019/06/google-confirms-2017-supply-chain-attack-that-sneaked-backdoor-on-android-devices/