A new California law requires that organizations experiencing a data breach provide more detailed information to the individuals affected. The law, which covers breaches involving financial, healthcare and other personal information, goes into effect Jan. 1.
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.
Many disaster-related attacks are personal and direct, perpetrated through a phone call. But some take traditional routes, such as e-mail, while more are taking emerging routes, like text messages to mobile devices.
Executives in a variety of industries who are in charge of securing their enterprises' IT say they're more anxious about outsiders hacking into their systems than insiders - either maliciously or inadvertently - threatening their digital assets, a new survey shows.
Cloud computing contracts often assign certain liabilities to the customer. That means healthcare organizations, in some cases, may need additional insurance coverage, warns consultant Gerard Nussbaum.
Before entering a contract with a cloud computing vendor, it pays to do your homework on key privacy and security issues, three experts advise. They suggest demanding transparency into the details of all cloud operations.
IT systems operated by governments, hospitals, financial institutions and other businesses averted catastrophe, for the most part, as Hurricane and then Tropical Storm Irene stormed through the Eastern seaboard over the weekend.
Organizations entering into a contract with a cloud computing vendor need to have a clear understanding of how the vendor operates before signing off on their services, says Chris Witt of Wake Technology Services Inc.
The American National Standards Institute has begun accepting applications from organizations that want to be accredited to certify electronic health records software for the HITECH Act EHR incentive program.
Don't miss your opportunity to participate in the Healthcare Information Security Today survey. Preliminary results show that about 40 percent of healthcare organizations rate their ability to counter security threats as poor, failing or in need of improvement....
A federal proposal that would require healthcare organizations to provide patients with a report listing everyone who has electronically accessed their records needs revamping, two regulatory experts agree.
Creating a culture of security within an organization may be on CISOs' wish lists, but it's often hard to educate and spread that message, says Justin Somaini, chief information security officer at Yahoo.
As social media continues to evolve and new threats continue to emerge, organizations must constantly re-evaluate their policies and conduct risk assessments, says Andrew Kennedy, who heads up social media policy for BITS.