Organizations often do not detect intrusions until after they've been compromised, says Rob Lee of SANS Institute. So how should they improve their incident-response posture? Lee offers three tips.
The web-services protocol developed by the National Institute of Standards and Technology allows desktops, laptops, e-tablets and smartphones to access sensors that capture biometric data such as fingerprints, iris and face images.
The Health IT Policy Committee is seeking some modifications in the privacy and security provisions of the proposed rules for Stage 2 of the HITECH Act electronic health record incentive program.
States worry as much about responding to the hazards presented by cybersecurity attacks as they do hurricanes, according to a new report issued by the Federal Emergency Management Agency.
Voluntary national standards, including privacy and security guidelines, for health information exchanges are inching forward. Federal authorities soon will seek comments on plans for a Nationwide Health Information Network Governance Rule.
Federal authorities have charged 107 individuals, including some physicians and nurses, for their alleged participation in schemes involving $452 million in false Medicare billing.
New advisories from Visa suggest that payments processor Global Payments Inc. may have been breached in June 2011 - nine months earlier than initially reported.
Many organizations are expanding their application security teams as they accommodate the use of employee-owned devices in the workplace and build their own app stores.
The latest spin on the insider threat: malicious outsiders taking advantage of inadvertent insiders, says Dawn Cappelli of Carnegie Mellon University. Learn how to detect and prevent these attacks.
Susan McAndrew of the HHS Office for Civil Rights provides insights about an omnibus package of regulations - including a revised version of the HIPAA breach notification rule - that's now in the final stages of review.
The UK has announced the first fine against a National Health Service unit for a breach in violation of the Data Protection Act. The Aneurin Bevan Health Board in Wales was fined £70,000 by the Information Commissioner's Office for sending sensitive patient information to the wrong person.
Accretive Health Inc., a Chicago-based medical debt collection agency, has filed a motion to dismiss the Minnesota attorney general's lawsuit against the company that stems, in part, from a data breach incident involving a stolen unencrypted laptop.
Payments processor First Data warns about an uptick in trolling - hackers sniffing networks for easy access to merchants' point-of-sale systems. What can banks do to help merchants prevent breaches?
If you handle critical data, you've got to be humble, advises Bob Carr, CEO of breached processor Heartland Payments System. "Anyone that thinks they're not going to be breached is being naïve."
Among the provisions of the Federal Information Security Amendments Act, approved by a voice vote, is a requirement that agencies implement continuous monitoring of their IT systems to identify vulnerabilities before a cyber incident occurs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.