HIPAA has long provided patients with the right to access their own "designated record set" of protected health information. But federal regulators are on a campaign to help patients and healthcare organizations understand records access rights, as well as the related privacy risks.
As the threat of malware infections, especially those involving ransomware, grows, organizations need to balance their perimeter-based security practices with an "intrusion tolerance" strategy that helps ensure a quick recovery, says medical device cybersecurity expert Kevin Fu.
The landscape, as it relates to security has certainly changed since my first HIMSS Conference in 2008. I recall walking the exhibit hall discussing multi-factor authentication and identity management only to receive blank stares or interesting comments from prospective partners and customers. I heard, "we use...
If recent cyberattacks on healthcare organizations - including the ransomware attack on Hollywood Presbyterian Medical Center - tell us anything, it's that better cyber threat intelligence sharing is desperately needed. A project led by Harris Health Systems aims to help identify the gaps that need to be addressed.
Here's more evidence of how a data breach can have a major financial impact. The bill for U.K. telecom giant TalkTalk's October 2015 data breach could be as much as $94 million, and the incident resulted in the loss of 95,000 customers.
As the federal government moves forward with a long list of endeavors - including a "moonshot to end cancer" - focused on boosting medical innovations, it's critical that patient privacy and data security stay top of mind.
Here's why the acquisition of rival threat-intelligence firm iSight Partners by breach investigation heavyweight FireEye makes sense, and why market watchers predict that other stand-alone intelligence firms will soon get snapped up.
Cybersecurity is becoming an issue in the U.S. presidential campaign, finally. That's good news because it's critical in our day-to-day lives. But are the candidates doing the issue justice in the way they address it?
The 30-day Cybersecurity Sprint overseen by Federal CIO Tony Scott has crossed the finish line, but in reality, it looks more like a starting gate to a marathon to get the federal government to secure its battered IT.
Although they apparently weren't caused by cyber-attacks, the impacts of computer failures at the New York Stock Exchange, United Airlines and the Wall Street Journal have much in common with the aftermath of breaches.
As federal lawmakers return this week from their Independence Day recess, Congress picks up where it left off before the break: holding hearings on the Office of Personnel Management breach that exposed the personal records of millions of government workers.
Would encryption, two-factor authentication and other measures stop a determined adversary from stealing millions of U.S. government personnel files? No, a former CIA CISO says. Read how Robert Bigman would defend against OPM-style cyber-attacks.
Unlike previous presidential campaigns, cybersecurity will be raised by candidates on the hustings, although the issue likely won't play a big role in determining the election. Two GOP candidates - Marco Rubio and Rand Paul - already have broached the topic.
Facebook dismisses reports that a brief Jan. 26 outage was triggered by either U.S. blizzard conditions or the hacking group Lizard Squad. The social network blames the hour-long outage on an internal, technical problem.