Healthcare organizations that base their information security programs on HIPAA compliance are making a major blunder, says security consultant Brad Keller, who explains why that strategy is short-sighted.
The U.K. government's legal justification for spying en masse on British residents' online communications - Google searches, Facebook posts, Webmail - is questioned by privacy and Internet law experts as part of a case triggered by Edward Snowden's leaks.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
A U.S. House committee is investigating security firm Tiversa over allegedly inaccurate information it provided to the Federal Trade Commission in its battle with medical test lab LabMD over data security.
The U.S. federal government's top telecommunications regulator is proposing a "new regulatory paradigm" by calling on communications providers to step up and assume new responsibilities to manage cyber-risks.
Joy Pritts, the first chief privacy officer at the Office of the National Coordinator for Health IT, is leaving the job after four years in the position. The move comes as ONC is revamping its structure.
Consumer rights advocates have applauded Apple's preview of iOS 8 privacy changes, including randomizing MAC addresses to help block retail analytics and unauthorized forms of device tracking.
While more organizations have breach response plans in place, many are not testing these plans - or are doing a subpar job of conducting tabletop exercises, security experts say.
Although restaurant chain P.F. Chang's has not yet confirmed a breach, several researchers say they believe the chain suffered a malware attack similar to those that compromised Target, Neiman Marcus and Sally Beauty.
Breaking down silos should help organizations mitigate vulnerabilities introduced into their systems from the information and communications technology supply chain, says the co-author of new guidance from NIST.
A critical step in the successful implementation of role-based access control at healthcare organizations is first committing to do time-intensive prep work, says security expert Christopher Paidhrin of PeaceHealth.
Microsoft moves to quash a search warrant granting U.S. investigators the right to request copies of an overseas customer's e-mails that are stored in a data center in Ireland.
As the Office of the National Coordinator for Health IT thinks through care models and broader issues of big data, Karen DeSalvo, head of the office, says it's striving to ensure privacy and security for patients.
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
In the wake of its massive data breach, Target Corp. has hired as its first CISO an executive with information security leadership experience at two of the nation's largest corporations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.