The federal government has identified dozens of cases of alleged falsification of reports submitted by investigators - federal employees and contractors - examining individuals being considered for security clearances.
Despite the new instructions on breach notification in the HIPAA Omnibus Rule, there's still plenty of uncertainty about what constitutes a "compromise" of data that triggers notification, says privacy attorney Adam Greene.
National Security Agency Director Keith Alexander declined to say that the agency would stop using contractors in top secret IT positions to prevent a leak such as the one that exposed NSA programs to collect metadata on American citizens.
Regulations initially cause organizations to spend more funds on data breaches, but eventually those rules could save enterprises money, the Ponemon Institute's Larry Ponemon says in analyzing his latest study on breach costs.
Intermountain Healthcare deserves praise for its gutsy leadership on information security. It's calling attention to the value of thorough risk assessments, acknowledging its need to improve security and developing best practices to share.
Intermountain Healthcare stepped up its risk assessment efforts to better identify security issues and help ensure it can pass a federal HIPAA audit. Plus, it's developing security best practices to share with others.
Making broader use of encryption is an important breach prevention strategy. But what's the best way to set encryption priorities? CISO Eric Cowperthwaite explains how a risk assessment plays a vital role.
News about data breaches is motivating more organizations to take steps to improve their security profiles, says Bill Spooner, CIO of Sharp Healthcare, who analyzes the results of the Healthcare Information Security Today survey.
A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.