In its third enforcement action in recent weeks, federal regulators have hit a Colorado medical center with a HIPAA fine in a case involving failure to terminate a former employee's remote access to patient data. Other organizations can use the case as a "teachable moment," one attorney advises.
A security review of two Medicaid managed care organizations in Arizona revealed several significant access control and configuration vulnerabilities, raising concerns about whether other MCOs face similar challenges.
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
Patient identity management is the prescription for improving remote patient access, portal adoption and patient satisfaction. Forward-thinking enterprises have realized that integrated proven strategies for identity management are a significant factor in success for both patients and providers.
Despite increased use of two-factor authentication, single sign-on, and biometrics, passwords are still the most common form of authentication. However, when a significant percentage of breaches are caused by weak, stolen, or reused passwords, it's clear passwords pose significant risks that can't be ignored.
You know password management is important. But is your business failing to invest in this easy security and productivity win?
In this Global Password Security Report, we're uncovering the true state of corporate password security around the world. We analyzed aggregated data from more than 43,000 businesses using...
A vulnerability is only as bad as the threat exploiting it and the impact on the organization. Security and risk management leaders should rate vulnerabilities on the basis of risk in order to improve vulnerability management program effectiveness.
Gartner receives frequent inquiries from clients who are...
Bankers Life is notifying more than 566,000 individuals, including Medicare supplemental insurance policyholders, that their personal information was exposed in a hacking incident. Employee credentials were compromised, enabling unauthorized access to certain company websites containing personal data.
Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project to an ongoing initiative.
Certain cloud security solutions will protect you today but which are best designed for the future?
Download this checklist to determine how ready your cloud security solution is to meet the challenges of the Vanishing Perimeter and deliver always-on, everywhere protection.
Hackers remotely accessing medical devices and systems - potentially disrupting care and putting patients at risk - is the No. 1 technology hazard facing healthcare entities in the year ahead, according to a new report from the ECRI Institute. Security experts size up the significance of this risk.
Healthcare organizations often fail to address five fundamental elements of a solid cybersecurity program, says security expert Mark Johnson of the consultancy LBMC Information Systems, who formerly was CISO at Vanderbilt University and Medical Center.
Step away from the social media single sign-on services, cybersecurity experts say, citing numerous privacy and security risks. Instead, they recommend that everyone use password managers to create unique and complex passwords for every site, service or app they use.
Smartphone cameras and microphones act as the eyes and ears of the digital age, capable of capturing the smallest audio and visual details in high-definition clarity. Unfortunately, threat actors have demonstrated the ability to hijack these smartphone components, using them to gain valuable insights about targeted...
One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.