Ignoring a White House threat to veto the Cyber Intelligence Sharing and Protection Act, the House of Representatives overwhelmingly approved the bill known as CISPA, sending the measure to the Senate.
To meet Obama administration concerns, the House sponsors of the Cyber Intelligence Sharing and Protection Act amended the bill. But a White House spokesman says those changes didn't go far enough to protect citizens' privacy and civil liberties.
Adventist Health System faces a class action lawsuit in the wake of a health data theft case that resulted in three guilty pleas. The lawsuit alleges Adventist failed to adequately protect patient information.
Two insiders at healthcare facilities affiliated with the University of Florida have been arrested in ID theft cases. The breaches were part of a broader ID theft ring, authorities allege, and more arrests are pending.
The Obama administration's proposed budget for HHS includes a hefty increase in funding for the office that runs the HITECH electronic health record incentive program and a smaller budget hike for the HIPAA enforcement unit.
The SEC in 2011 issued staff guidance on disclosure obligations regarding cyber-risks and incidents. Now, Senate Commerce Committee Chairman Jay Rockefeller wants the SEC commissioners themselves to provide the guidance.
An administration spokeswoman says a House committee has made a good-faith effort to address White House concerns about the information-sharing bill, but contends fundamental priorities still haven't been addressed.
To prevent data breaches, healthcare organizations are taking a number of critical steps, including ramping up their use of encryption, the second annual Healthcare Information Security Today Survey shows.
The advocacy group Patient Privacy Rights has co-developed a "trust framework" that IT vendors and their clients can use to help measure compliance with privacy principles. But will it prove practical?