A House committee approved on April 15 a national data breach notification bill, but the committee chairman concedes that the legislation isn't quite ready for a vote by the full House of Representatives.
After a three-year delay, federal regulators remain tight-lipped about when the next round of HIPAA compliance audits will begin. But a variety of HIPAA-related guidance is in the works, a government official reveals at the HIMSS15 conference.
The PCI Security Standards Council has published a new version of its data security standard that calls for ending the use of the outdated Secure Sockets Layer encryption protocol that can put payment data at risk.
After beating back amendments by Democratic members to limit liability protections for businesses, the House Homeland Security Committee on
April 14 unanimously approved cyberthreat information sharing legislation on a voice vote.
At an April 12 workshop during the HIMSS 2015 Conference in Chicago, security experts, including Mark Dill of the Cleveland Clinic, offer timely insights on how to improve breach prevention and response.
The Office of the National Coordinator for Health IT has issued a report to Congress outlining how the secure exchange of health information is sometimes unreasonably blocked, with concerns about privacy and security inappropriately invoked.
Islamic State sympathizers are exploiting a vulnerability in a WorldPress Content Management System plug-in to deface the websites of news outlets, businesses, religious groups and governments in the U.S. and abroad, the FBI says.
The upcoming RSA Conference 2015 in San Francisco will feature sessions ripped from the headlines, reflecting the challenges security professionals face in safeguarding their organizations' systems and information.
A former respiratory therapist at an Ohio hospital has been indicted for HIPAA violations in connection with alleged inappropriate access to the records of nearly 600 patients. Such criminal cases remain relatively rare.
White Lodging Services Corp. has revealed a malware attack against point-of-sale systems at 10 of the hotels it manages, potentially exposing payment card data. The disclosure comes about a year after it confirmed a similar malware-related breach.
AT&T, in a settlement with the FCC, agrees to pay a $25 million fine because call center employees in Mexico, Colombia and the Philippines accessed private information from some 278,000 customer accounts without authorization.
A federal judge has dismissed a consolidated class action lawsuit filed against Horizon Blue Cross Blue Shield in the wake of a 2013 data breach. Learn how this case compares to a suit against another insurer, AvMed, which resulted in a settlement.