π₯ A significant ransomware cyberattack has taken place against a service provider that serves multiple π₯ hospitals in Romania.
The attack, which took place February 11/12, targeted the βοΈ Hipocrate Information System (HIS), a critical tool used by hospitals to manage medical activities and store patient data. The attack resulted in the encryption of the HIS database, rendering it inaccessible and offline.
While 26 hospitals have already been confirmed to have had their data encrypted by the attackers, 75 other healthcare organisations using HIS have also taken their systems π offline as a precautionary measure while the incident is investigated.
It is not yet known what, if any, personal or medical information of patients was stolen during the incident.
News updates indicate that the situation has been resolved by most hospitals and that the National Cyber Security Authority has recommended tighter security measures.… read more
πThe direction of the new AI Act seems clear: to impose a new set of obligations on providers of general-purpose AI models, including in relation to copyright ©οΈ and data use.
Indeed, a provider wishing to enter the EU market will have to adopt new policies to comply with EU copyright law, or disclose a sufficiently detailed summary of the content used to train the model, amongst other provisions.
However, the AI Act does not address the scope of the TDM (text and data mining) exception under Article 4 EUCD, [which includes TDM for a purpose other than scientific research, including for commercial purposes].
Therefore, clarity will be needed on its proper scope (opt-out mechanism and scope of the right)... read more in this Lexology article by Hogan Lovells.
europarl.europa.eu/news • 3 min read
π Members of the European Parliament (MEPs) have endorsed at committee level the provisional agreement on the Artificial Intelligence Act on February 12.
The Internal Market and Civil Liberties Committees voted 71-8 (7 abstentions) to approve the result of negotiations with the member states on the Artificial Intelligence Act.
The next steps include formal adoption at a forthcoming plenary session of the European Parliament and final approval by the Council.
The Act will be fully applicable 24 months after entry into force, with the exception of bans on prohibited practices, which will apply 6 months after entry into force; codes of conduct (9 months after entry into force); general AI rules, including governance (12 months after entry into force); and obligations for high-risk systems (36 months)... read more
π΅οΈ Each year, some of the CNIL's inspections focus on priority topics it elects. In 2024, these topics will be:
πͺ The Bavarian State Office for Data Protection Supervision has checked the cookie banners from around 1,000 websites and found numerous violations.
About one third of the websites examined have been found without legally compliant cookie banners. Operators have been notified and have a chance to fix the errors before they face enforcement actions… read more
Additional information in the authority’s press release (in German).
___
Stay tuned for more by π connecting with us on LinkedIn or, better yet, by subscribing to our weekly newsletter. We do our best to select the most interesting and relevant content in our field and deliver it to you in a bite-sized format, so you can stay up to date on topics such as Privacy Management & Compliance.