A Massachusetts hospital that reported a 2010 breach involving lost backup tapes with information on 800,000 individuals has agreed to pay a $475,000 penalty to settle a state attorney general's HIPAA lawsuit.
Imagine a computer network that can fool intruders into seeing configurations that in reality don't exist, making it hard for them to invade the system. That's what Scott DeLoach is trying to figure out how to do.
New alerts from Visa and MasterCard suggest that the breach at payments processor Global Payments Inc. dates back to January 2011 - an exposure window significantly longer than what was originally reported.
Utah Gov. Gary Herbert has taken several steps in the wake of a hacker attack against an unencrypted server that exposed state health department information on 780,000 individuals. Experts assess whether the steps are the right moves.
A laptop stolen from an employee of Accretive Health last year was not encrypted "due to the oversight of an individual IT employee," the company says in a 29-page comment letter sent to Sen. Al Franken, D-Minn. That employee subsequently was fired, the company reports.
A new guide from federal regulators on key privacy and security issues to address when adopting electronic health records is valuable. But additional guidance on risk assessments and other issues is needed.