A security expert and average consumers respond differently to the eBay breach. As most customers retain a high degree of faith in online merchant security, the expert believes eBay committed a serious sin in its lack of strong authentication.
Does cheap labor allow Chinese hackers to troll one website after another until they find something of interest? Times could prove tough for hackers trying to make an 'honest' day's wage.
It's hurricane season, but natural and man-made disasters can happen anytime. Unfortunately, healthcare organizations are often unprepared for how to rebound so their data operations continue to run smoothly and securely in the wake of a crisis.
Effective risk management requires involvement of an organization's top leader; the resignation of Eric Shinseki as secretary of Veterans Affairs means that the VA likely will continue to struggle to comply with federal requirements for IT security.
After receiving much criticism over the privacy and security provisions for HealthCare.gov, it's good to see HHS taking action to help ensure that "navigators" who assist consumers with getting insurance coverage adequately protect patient privacy.
Early testimony in the FTC's administrative trial involving its security complaint against LabMD provides a glimpse into some issues that regulators consider when reviewing data security practices.
"Security as a business enabler" was the mantra echoing through the recently concluded 2014 Infosecurity Europe conference in London, a message that should have been heeded by top executives at retailer Target last year.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
If Congress fails to enact a national breach notification law, the Obama administration could develop a set of voluntary best practices along the lines of its new cybersecurity framework.
The HIMSS 2014 Conference, to be held Feb. 23 to 27 in Orlando, will feature an impressive lineup of privacy and security educational content, plus updates from federal regulators. Check out the highlights.
Learn how the partial government shutdown is hampering a wide variety of important Department of Health and Human Services programs, ranging from patient privacy protection to disease outbreak detection.
Federal authorities are warning banking institutions and government agencies about a wave of DDoS attacks that could strike on 9/11. Learn what steps the FBI suggests should be taken to mitigate the threat.
Operators of media sites should consider adoption of the cybersecurity framework in the aftermath of the recent domain name systems attacks aimed at The New York Times and Twitter.
Until the interoperability of EHRs can be achieved, the Direct Project can help ensure the secure transfer of patient information during a disaster, says Tia Tinney, who's heading a collaborative effort.
Improper disposal of protected health information poses significant risks, as recent breach incidents demonstrate. That's why organizations need to do a better job vetting disposal companies and verifying that data or devices are actually destroyed.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.