Microsoft does not have to turn over emails stored outside the U.S. to federal authorities investigating a crime, an appeals court has affirmed. The closely watched case, which explored the territorial boundaries of U.S. law in the cloud computing age, could end up at the Supreme Court.
Leo Scanlon, deputy CISO at the U.S. Department of Health and Human Services, will take a lead role as HHS sharpens its ongoing focus on cybersecurity issues, an effort that will continue under the Trump administration, he explains.
As President Trump delivered his inaugural address, the White House transitioned its website from the Obama to the Trump administration. Immediately, Trump's team posted a series of position papers, including one that addressed - albeit briefly - cybersecurity.
Mac McMillan, CEO of the information security consulting firm CynergisTek, explains in an interview why he sold the company he co-founded 13 years ago to healthcare document management firm Auxilio Inc., and what's planned next.
Information security researchers have charted a steep decline in Locky ransomware and Dridex banking Trojan distribution in recent weeks. While that's good news, it may only reflect that a cybercrime gang is on vacation.
A researcher claims WhatsApp has dismissed his finding that there's a backdoor in the application that could allow attackers to unlock encrypted messages. But the controversy is more nuanced - and for most of us, much less threatening - than it might first appear.
Yet another study reveals that millions of people are picking weak passwords, with "123456" remaining our collective favorite. Rules requiring stronger passwords and not forcing passwords to expire both could help boost security.
HHS has issued new health data privacy guidance and announced a contest to create an online "model privacy notice generator." Plus, it's issued a reminder about the importance of reviewing and securing audit logs to help prevent and detect breaches.
A list of "super user" passwords - and a default username - now circulating online appears to allow unauthorized access to some webcam video streams, security researchers warn. If confirmed, it would be yet another massive internet of things security failure by a device manufacturer.
A U.K. Information Commissioner's report on its investigation into a 2015 TalkTalk breach offers essential information security takeaways for any organization that wants to avoid being breached, says David Stubley of 7 Elements.
The transition to a new presidential administration makes forecasting for HIPAA enforcement activity in 2017 difficult, says privacy attorney David Holtzman of the consultancy Cynergistek, who sizes up what the HHS Office for Civil Rights might do this year.
In an effort to help advance secure nationwide health data exchange, federal regulators have released an updated online tool to help healthcare entities and technology developers sort through critical standards and implementation specifications. Learn why some thought leaders are giving the guide a thumbs up.
The National Governors Association, in a new road map for improving nationwide secure health data exchange, proposes that states attempt to better align their privacy laws to the federal HIPAA Privacy Rule to help remove legal barriers.
The impact of the patient data privacy and security provisions of the 21st Century Cures Act, signed into law Dec. 13, will depend, in part, on who is chosen to study key issues and come up with recommendations, says attorney Steven Teppler.