Partners HealthCare System is the latest healthcare organizations to suffer a data breach following a phishing attack. But why did Partners wait five months to issue a breach notification, when HIPAA requires notifications within 60 days?
Partners HealthCare System announced that it is the latest healthcare organization hit by a data breach attributed to a phishing attack. The records of an estimated 3,300 individuals may have been compromised in the incident.
Privacy advocates in the Senate have introduced a national data breach notification bill that would allow states to keep their own laws if they provide more stringent reporting and privacy protections than offered by the federal government.
The House Judiciary Committee, in passing a tailored bill to end the NSA's bulk collection program of phone records, rejected amendments to expand privacy reforms to other government surveillance initiatives.
After nearly 2Â½ months on the job, federal Chief Information Officer Tony Scott was reluctant to offer Congress a detailed assessment of the quality of agencies' information security until reviewing results of pending "CyberStat" reviews.
Federal regulators have hit a small Denver pharmacy with a $125,000 penalty for a 2012 breach involving improper disposal of paper patient records. It's the second such HIPAA-related penalty within a year tied to improper records dumping.
A report that Russian hackers read President Obama's email correspondence raises further questions about White House cybersecurity, say IT security experts, who offer insights on protecting White House systems.
Bank of the West prides itself on being an innovator in customer education about fraud prevention. But customers still don't want to be inconvenienced with arduous security hoops, says bank fraud prevention officer David Pollino.
(ISC)Â² and the Cloud Security Alliance have unveiled a new cloud security professional certification designed to measure advanced competence. Will training for the certification help professionals gain a better understanding of cloud security?
The Department of Defense has unveiled an updated cybersecurity strategy that officially acknowledges for the first time that the U.S. military is willing to use cyberwarfare to defend U.S. interests against cyber-enemies.
Not all threat intelligence is created equally, says Fortinet's John Maddison. And it's not just external threats organizations should be most concerned about. Why more businesses need to focus on inside-out security.