The Department of Health and Human Services inspector general has criticized HHS for failing to implement security controls on the system that provides computerized access to physical facilities and computer networks.
A House panel, at a July 24 hearing, considered whether the Federal Trade Commission is overstepping its regulatory authority over data security and relying on questionable information in its investigations. Find out what witnesses had to say.
The Massachusetts attorney general has reached a $150,000 HIPAA settlement with a Rhode Island hospital in the wake of a 2012 data breach that affected 14,000 patients, most of whom were from Massachusetts.
Google and Microsoft met with European regulators in Brussels July 24 to discuss their compliance with the "right to be forgotten" ruling and whether it should apply to all of their search engine sites - and not just those in Europe.
A California court has given final approval for a settlement in a consolidated class action lawsuit against the insurer Health Net related to a 2011 breach that affected about 2 million individuals. Find out the terms of the settlement.
Leading this week's industry news roundup, Quantum Corp. is integrating its StorNext scale-out storage with the FireEye network forensics platform, while CARD.com is partnering with IDology to help prevent card fraud.
Point-of-sale retail breaches are the rage, but they are just one cyber-crime trend on the mind of RSA researcher Uri Fleyder. What are the malware and mobile threats that organizations should monitor?
A consolidated class action lawsuit against Sutter Health related to a breach impacting more than 4 million individuals has been dismissed. The decision follows a number of other recent dismissals of similar healthcare data breach suits.
Johns Hopkins Health System has agreed to a $190 million settlement in a privacy violation case that involved a physician using a pen-like camera to secretly photograph female patients. Learn what the organization is doing to prevent other privacy incidents.
The EU Joint Cybercrime Action Taskforce pilot is set to coordinate cross-border investigations - across Europe, the United States and beyond - into cybercrime, including payment card fraud, DDoS attacks and malware rings.
A challenge examiners face in conducting forensic investigations in the cloud is that they don't have access to the servers. That's just one problem the National Institute of Standards and Technology is addressing.
A former payroll specialist at a Wisconsin healthcare provider has been sentenced to seven years in prison in connection with an ID theft scheme that involved using personal information about employees to make unauthorized money transfers to her bank account.