The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
In a case also involving kidnapping and drug conspiracy, two individuals - a former hospital worker and a convicted drug trafficker - have been sentenced to prison for HIPAA privacy violations. Learn who received the maximum sentence.
Inspector General Russell George says hackers would have had a tougher time breaching the IRS "Get Transcript" system if the agency had implemented IG recommendations, but he stops short of saying the safeguards would have prevented the hack.
In assessing risk, computer security has three characteristics: confidentiality, integrity and availability. But not all of those traits help systems designers assess privacy risks. So NIST is developing a privacy risk management framework.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
The Senate has moved closer to approving the USA Freedom Act, with a vote expected in the coming days on the House-passed legislation to provide for surveillance of Americans' phone records with approval of a court order.
Another large hacker attack has been revealed in the healthcare sector. But unlike three recent big cyber-attacks, which targeted health insurers, this latest breach hit a healthcare provider organization. Experts weigh in on mitigation steps.
Five best practices noted in version 3.0 of the PCI Data Security Standard will become requirements after June 30, with remote access and third-party risks the key focus - particularly for smaller merchants.
Using personal information gained from third-party sources to circumvent authentication protections, hackers breached 100,000 accounts of taxpayers who had used the IRS's "Get Transcript" application, which has been temporarily shuttered.
MasterCard's breach settlement with Target has been derailed after not enough card issuers agreed to the terms. Now MasterCard is expected to attempt to renegotiate, while banks continue with a class-action lawsuit against the retailer.
A U.S. Department of Commerce proposal to restrict the export of so-called "intrusion software" to prevent foreign adversaries from acquiring zero-day exploits has raised concern in the developer community.