The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
Hours after the Senate approved the USA Freedom Act, President Obama signed the legislation to restrict the way the National Security Agency collects information about Americans' telephone calls.
In a case also involving kidnapping and drug conspiracy, two individuals - a former hospital worker and a convicted drug trafficker - have been sentenced to prison for HIPAA privacy violations. Learn who received the maximum sentence.
Inspector General Russell George says hackers would have had a tougher time breaching the IRS "Get Transcript" system if the agency had implemented IG recommendations, but he stops short of saying the safeguards would have prevented the hack.
In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
The Senate has moved closer to approving the USA Freedom Act, with a vote expected in the coming days on the House-passed legislation to provide for surveillance of Americans' phone records with approval of a court order.
Prosecutors love to tell judges that sentences for hackers and cybercriminals must be strong enough to deter future such crimes. But as the case of Silk Road mastermind Ross Ulbricht shows, they've failed to make the case for deterrence.
With federal regulators moving closer to restarting the delayed HIPAA compliance audit program, now is the time for covered entities and business associates to prepare for potential scrutiny, says healthcare attorney Brad Rostolsky.
Breached dating website FriendFinder allegedly missed email warnings from security researchers that its site had been breached and customers' data was being sold on a "darknet" site. What can other businesses learn from that apparent mistake?
Another large hacker attack has been revealed in the healthcare sector. But unlike three recent big cyber-attacks, which targeted health insurers, this latest breach hit a healthcare provider organization. Experts weigh in on mitigation steps.
BitSight Technologies conducted research on breached organizations and how they were impacted by botnets. The results are eye-opening, says CTO Stephen Boyer, offering insights from this study.
Five best practices noted in version 3.0 of the PCI Data Security Standard will become requirements after June 30, with remote access and third-party risks the key focus - particularly for smaller merchants.
What's wrong with the way we're practicing cybersecurity now? What are the biggest security gaps? BAE Systems Applied Intelligence's Jim Anderson shares his view.
Vendors' and software makers' over-reliance on security messages and warnings has left users habituated to them, thus rendering such alerts less effective or even worthless, warns cybersecurity expert Alan Woodward.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
