Sutter Health, an integrated delivery system that was in the process of encrypting all its desktop computers, reports that a device that had not yet been encrypted was recently stolen, affecting more than 4.2 million patients.
Servers at Virginia Commonwealth University were recently hacked, potentially exposing Social Security numbers for more than 176,000 faculty, staff, students and affiliates at the university and the VCU Health System.
Sen. Charles Schumer is asking the Federal Trade Commission to look into a new practice in which credit agencies keep estimates of individuals' personal information such as medication use and personal income from consumers.
Just four months after agreeing to pay an $865,000 penalty for a series of HIPAA violations, UCLA Health System has revealed a breach incident involving the theft of an external hard drive from a former employee's home.
A health and financial information breach that may have affected as many as 10,000 patients at a Kansas hospital illustrates yet again that the actions of a business associate's subcontractor can have a major potential impact on patient privacy.
One reason why so many healthcare organizations are not well-prepared to counter security threats is that "key leadership has not bought into the whole process," says Bob Krenek of ExperianÂ® Data Breach Resolution.
Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in winning support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.
When it comes to responding to today's high-profile information security incidents, technical abilities simply aren't enough, says Gavin Reid of Cisco's Computer Security Incident Response Team. Here are the five must-have skills for today's incident response professionals.