Federal regulators have set up online resources to help healthcare providers as well as consumers navigate circumstances under which HIPAA permits a covered entity to disclose mental health or substance abuse information to a patient's family members and caregivers.
Kaspersky Lab has sued the U.S. Department of Homeland Security for issuing an order that bans the Moscow-based anti-virus firm's software from being used on federal systems, saying DHS violated the company's right to respond to the allegations against it.
The Trump administration has belatedly announced that hackers tied to the government of North Korea were behind the WannaCry ransomware outbreak that began in May and infected more than 200,000 endpoints across 150 countries. Why is the White House only now airing its attribution?
In an usual move, federal regulators have made arrangements to have a cyber insurer cover a $2.3 million HIPAA penalty on behalf of a bankrupt cancer care clinic chain, 21st Century Oncology, which also signed false claims settlements totaling $26 million.
Bitcoin-seeking phishing attacks have been trying to socially engineer would-be cryptocurrency exchange executives, warn researchers at Secureworks. The attacks use Word documents with malicious macros and control code previously seen in attacks launched by the Lazarus Group, which has been tied to North Korea.
Bitcoin's massive rise in value and hype continues to draw the attention of hackers, scammers and organized crime. Flaws in bitcoin mining firmware and hacks of wallet software show that the infrastructure associated with cryptocurrency is not always well-secured.
What does the title National Protection and Programs Directorate mean to you? It's not so clear, unless you are familiar with the Department of Homeland Security's organizational chart. To clarify its mission, the House has voted to rename - and revamp - the DHS agency.
Most of the criminal activity targeting today's enterprises originates at the endpoint, and the majority of modern breaches use known threats or vulnerabilities for which a patch already exists. For this reason, endpoint visibility must be complete and continuous.
Organizations should take an "inside-out" approach to mitigating the insider threat, says Brandon Swafford of Forcepoint, who explains the components of that approach in an in-depth interview.
The latest ISMG Security Report focuses on the significant changes found in the latest version of the U.S. government's Framework for Improving Critical Infrastructure Cybersecurity, commonly known as the NIST cybersecurity framework. NIST seeks comments from stakeholders on the draft of version 1.1 of the framework...
The adoption of "unconventional" security controls that are risk-driven can help organizations adapt to the changing cyber threat landscape, says Jim Routh, CISO at health insurer Aetna.
A group of Russian-speaking hackers over the past year-and-a-half has stolen nearly $10 million from banks, mostly in the United States, Britain and Russia, the Moscow-based, according to cybersecurity firm Group-IB.
Cybercriminals continue to rely on individuals who undertake the risky operation of moving illicit proceeds from one location to another. But these "money mules" face a multitude of risks, including imprisonment, police warn.
U.S. healthcare entities need to keep security top of mind if they use offshore services to handle protected health information, security experts say, pointing to specific steps to take.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
