A data breach at University of Pittsburgh Medical Center, which already has resulted in a lawsuit, compromised information on as many as 27,000 employees and led to 788 workers falling victim to tax fraud.
A draft of revised guidance from NIST drops a cryptographic algorithm the NSA is said to have used to circumvent encryption that shields much of global commerce, banking systems, medical records and Internet communications.
A recent inaugural healthcare cybersecurity drill offers a number of lessons, including that many organizations need to improve processing cyberthreat intelligence and sharing that information internally and externally.
As a result of the HIPAA Omnibus Rule's new breach notification guidelines that went into effect last year, business associates need to take certain steps when notifying covered entities of incidents, says security expert Brian Evans.
Within one day of the disclosure of the flaw known as Heartbleed, an attacker posing as an authorized user broke into a corporate computer system, exploiting the vulnerability in the OpenSSL protocol, the breach detection firm Mandiant says.
As federal regulators reveal details for the next phase of HIPAA compliance audits, security and privacy experts give the plan mixed reviews. Find out what experts like and don't like about the proposals.
The Royal Canadian Mounted Police have arrested and charged a 19-year-old London, Ontario, man for his alleged role in exploiting the Heartbleed vulnerability to steal data from the Canada Revenue Agency website.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
Tech companies continue to respond to the Heartbleed vulnerability by issuing alerts and patches to mitigate potential data compromises. Learn the latest advice from Trend Micro and ICSA Labs, plus updates from Rackspace, Akamai and Bitcoin.
The HHS Office for Civil Rights will resume its HIPAA compliance audit program this fall with a limited number of narrowly focused "desk audits," plus comprehensive on-site audits "as resources allow."