The California Consumer Privacy Act could cost companies in the state a total of $55 billion for initial compliance expenses, according to a new study prepared for the state attorney general's office. The landmark privacy legislation is slated to go into effect on Jan. 1, 2020.
A dental practice in Texas that responded to patients' Yelp reviews by disclosing patient names and other health information has gotten a bad review from federal regulators: A $10,000 HIPAA monetary settlement and a corrective action plan.
A bipartisan group of lawmakers has introduced a bill to help U.S. telecommunications providers "rip and replace" any Chinese-built networking equipment. The move comes as many experts warn that using Huawei or ZTE 5G equipment poses an unacceptable national security risk.
In the wake of ransomware attacks that have hit the public and private sectors, the U.S. Senate has passed a bill that calls for creating cyber incident response and threat hunting teams at the Department of Homeland Security. Find out what role the teams would play.
"Cyberattacks are one of the unfortunate realities of doing business today," reads gaming company Zynga's data breach notification, thus breaking the first rule of crisis management: Own your mistakes. Hacker Gnosticplayers claims the company was still storing passwords using outdated SHA1.
What are some of the most important aspects in managing vendor security risk when taking on third parties to handle sensitive data? Mitch Parker, CISO of Indiana University Health, explains the critical steps his organization is taking in its approach to vendor risk.
Data protection officers are assuming a more strategic role that goes beyond ensuring compliance with laws and regulations, including GDPR, says Rob Masson, CEO of the DPO Center.
Proponents of the potential adoption of a national unique patient identifier had been hopeful that the Senate would follow the House's lead in lifting a 20-year ban on funding for federal regulators to work on development. But now they face two substantial hurdles.
Why did U.S. President Donald Trump discuss cybersecurity firm CrowdStrike with the president of Ukraine, saying "the server, they say Ukraine has it"? Experts say Trump appears to be referring to one or more conspiracy theories, none of which have a basis in reality.
The National Institute of Standards and Technology expects to release its much anticipated privacy framework by year's end. It's now accepting comments on the latest draft.
Europe's top court has ruled that Google does not have to remove links to sensitive personal data globally under the EU's "right to be forgotten" requirements, saying the requirement only applies in Europe.
The movement to lift the longstanding Congressional ban on federal regulators funding the development or adoption of a national unique patient identifier appears to have hit a roadblock. Here's an update.
The U.S. Justice Department has sued Edward Snowden over his new memoir, claiming that the former NSA contractor violated a nondisclosure agreement he signed when he worked for the government before becoming the world's best-known whistleblower. The suit seeks to collect all profits from the book.
A Minnesota county that originally reported last December that a hacking incident affected about 600 individuals now says about 118,000 may have had healthcare data exposed. What's behind the huge spike?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.