Twitter's announcement that it's adding "forward secrecy" encryption to its sites should serve as a reminder that organizations need to continually assess the risks to their organization, experts say.
The White House is intensifying its effort to get federal agencies to adopt continuous monitoring and move away from the paper-based checklist compliance they've followed for a decade under the Federal Information Security Management Act.
Business associates have been involved with fewer major health data breaches so far this year, compared with 2012. Are they getting better at prevention, or are they just under-reporting breaches?
Researchers have a new option for securely accessing more than 400 billion federal healthcare records via a virtual data center, says Niall Brennan of the Centers for Medicare and Medicaid Services.
Attempts to shame China haven't been effective in stopping that country from pilfering intellectual property from the computers of American companies, according to a new report to Congress from a special commission.
In case you missed ISMG's 2013 Fraud Summit - or even if you were there and want to share insights with colleagues - I'm pleased to announce the availability of a series of session videos featuring top fraud experts.
The use of synthetic identities is a rising concern for organizations, and financial institutions are often the ones taking the hit for the fraud, says Claudel Chery of the U.S. Postal Inspection Service.
Jeh Johnson has cleared a major hurdle to becoming the next Homeland Security secretary and a chief advocate for the administration's cybersecurity policies. But it's unclear when the full Senate will vote on his nomination.
From a risk management perspective, the federal HealthCare.gov website should be shut down until its technical problems are fixed and end-to-end security testing is completed, says consumer advocate Christopher Rasmussen.
Figuring out how Edward Snowden breached NSA computers is sort of like solving a puzzle. Take public information and match it with an understanding of how organizations get hacked, and the pieces seem to fall into place.
When health information breaches involving identity theft occur, problems can resurface for patients and providers. Find out how some Sutter Health patients are still being victimized.
A federal advisory panel will recommend that the Department of Health and Human Services take an incremental approach to implementing a revised HIPAA accounting of disclosures rule. Find out about tentative plans for fine-tuning the rule.
Attorneys discuss the significance of the 10-year prison sentence for hacker Jeremy Hammond, who pleaded guilty in connection with a 2011 breach of Stratfor, a global intelligence firm that provides services to the U.S. government.
For risk managers, an often overlooked step for minimizing supply chain risks is to continually monitor outsourcers and other third parties to address critical security issues, says the Information Security Forum's Steve Durbin.
Google has agreed to a $17 million settlement with 37 states and the District of Columbia over its unauthorized placement of cookies on computers using Apple Safari Web browsers, which the states claim was a privacy violation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.