A final rule spelling out requirements for state health insurance exchanges drops a proposed requirement that breaches must be reported within an hour of discovery, relying on language in contracts instead.
As victims of cyber-attacks on their domain name systems providers, The New York Times, Twitter and the Huffington Post UK may have opened themselves and their customers to more nefarious threats, a leading IT security expert says.
To build credibility for its HIPAA enforcement efforts, the Department of Health and Human Services needs to ramp up its breach prevention efforts for the health insurance exchanges slated to begin operations Oct. 1.
HHS proposes that state insurance exchanges report data breaches within one hour after discovering them. CIO Curt Kwak of the Washington state exchange explains why compliance with such a rule would be challenging.
Breaches are expensive, embarrassing and entice additional scrutiny from regulators and consumers alike. By taking eight key steps, you can protect private information and lessen the impact of breaches when they occur.
In the wake of the NSA leak by former systems administrator Edward Snowden, how can organizations limit the amount of data access offered to those managing IT systems? Former CIA CISO Robert Bigman explains.