A breach involving the posting of information about 15,000 Boston Medical Center patients on a transcription firm's unsecured website serves as a reminder of the importance of monitoring the security practices of business associates.
Two key Senators are circulating a draft of cybersecurity legislation designed to promote the sharing of cyberthreat information by offering liability protection. The bipartisan measure is in the early stages of review.
A new voluntary security and privacy certification program for covered entities in Texas aims to bolster compliance with HIPAA and state regulations, prevent breaches - and perhaps help organizations avoid federal sanctions.
Faced with a vulnerability that exposes Microsoft's Internet Explorer Web browser to a zero-day exploit involved in recent targeted attacks, CISOs need to take prompt action, security specialists say. Learn the steps they recommend.
Saying the administration had no advanced knowledge of the Heartbleed bug, President Obama's top cyber adviser has outlined circumstances in which the government would not disclose software vulnerabilities, though such conditions would be rare.
Following news of a serious zero-day exploit impacting several versions of Internet Explorer, the Department of Homeland Security is urging the use of other Web browsers until the issue has been remediated.
With the news that several large technology companies are going to assist in funding critical open source projects such as OpenSSL following the Heartbleed exploit, security experts weigh in on the move.
To help address the shortage of qualified cybersecurity professionals, (ISC)Â² is offering colleges and universities a variety of assistance with bolstering cybersecurity education and preparing students for certification.
In the five years since the HITECH Act was signed into law, there have been some major successes and disappointments concerning health information security and privacy, says Joy Pritts of the Office of the National Coordinator for Health IT.
A hot topic among U.S. federal government security managers and other infosec pros is developing a process to vet mobile applications. The National Institute of Standards and Technology is offering a solution called AppVet.
Following a data breach, sensitive information, including credit card data, is often sold through the underground economy. Security experts discuss why it's so difficult to shut down online criminal forums.