Building better relationships between organizations' privacy and security teams and the workforce, as well as between covered entities and their business associates, is essential to improving patient data security. That was a key theme at last week's Healthcare Information Security Summit in San Francisco.
Too often, individuals who fail to take the proper steps to secure IT aren't punished for their reckless behavior. But should those who consistently fail to follow safe cyber hygiene be severely penalized for repeatedly falling for phishing attacks?
The U.S. migration to EMV chip payment cards, which is progressing slowly, will be overshadowed by EMV-compliant mobile payments, says Gray Taylor of Conexxus, a convenience store and petroleum industry technology association.
BlackBerry plans to buy mobile device management rival Good Technology for $425 million. BlackBerry must prep for a future in which it no longer manufactures hardware - and that's why this deal makes sense.
Information security experts offer two timely Apple iOS device reminders: First, never jailbreak the devices. Second, enterprise security managers must ensure that they ruthlessly block any jailbroken devices from accessing corporate networks because they pose a security risk.
The bad news is that the new KeyRaider malware has so far compromised more than 225,000 Apple accounts worldwide. The good news, according to Ryan Olson of Palo Alto Networks, is that only modified, or "jailbroken," ioS devices are at risk.
A controversy over the University of Oregon's handling of a student's mental health records is building momentum for reforms in a regulation that allows schools to use, and in some cases disclose, certain education records of students without their consent.
Cybersecurity risks to medical devices will become an even more critical issue for healthcare organizations to address next year because of the need to maintain patient trust, says Rob Potter of Symantec.
What do federal regulators have to say about the current state of health data security and privacy? And what are the top priorities of the new federal point person for HIPAA enforcement? Find out by following our coverage of an HHS/NIST security conference this week.
In the wake of the discovery of the serious Android Stagefright flaws, which affect an estimated 950 million devices, security researchers reveal that they discovered yet another Stagefright flaw - and that Google's initial fix could be exploited.
The recent FDA alert advising healthcare organizations to stop using a line of infusion pumps because of cybersecurity flaws, coupled with earlier guidance from the agency, will lead manufacturers to be more focused on risk management, predicts attorney Anna Spencer.
The outrage directed at Oracle Corp.'s security chief after a recent blog post in which she scolded third parties who scan the company's software looking for security flaws had a familiar ring: Do medical device makers have a similar cybersecurity attitude?
Security is a busy sector: Symantec jettisoned Veritas, Zscaler became a "unicorn" after its most recent funding round, and we have other M&A news from Cisco, Fidelity National Information Services and Proofpoint.
Millions of Android devices are at risk from "Certifi-gate," a flaw that OEMs must patch, Check Point warns. Following Stagefright, Google and some manufacturers have promised to deliver monthly Android patches.
Numerous services are enabled by default in Microsoft's Windows 10, and as employees connect their BYOD equipment to corporate networks, the cloud, collaboration and location tie-ins could pose enterprise security risks, experts warn.