Google has agreed to a $17 million settlement with 37 states and the District of Columbia over its unauthorized placement of cookies on computers using Apple Safari Web browsers, which the states claim was a privacy violation.
Financial institutions and businesses in other sectors must continually collect information about their online customers to ensure stronger authentication, says Avivah Litan, a fraud expert and analyst for the consultancy Gartner.
A North Carolina state website that provides the public with transparency into government spending inadvertently listed personal data on 1,300 patients. A security expert offers insights on preventing such breaches.
HIPAA compliance training can play a critical role in preventing data breaches. Learn why a medical billing company switched to a cloud-based approach to improve training accountability, efficiency and documentation.
Although businesses understand the benefits of sharing cyber-threat information with law enforcement, they often let perceived legal constraints prevent them from collaborating, says Mary Galligan, a former FBI investigator.
Medical identity theft, an often underestimated crime, is one of the fastest growing offenses in America. It has claimed more than 1.8 million domestic victims so far this year - a 19 percent increase from 2012 - and is expected to get worse before it gets better.
Covered entities are finding it difficult to comply with a HIPAA Omnibus requirement to accommodate patients who pay cash and don't want their treatment information disclosed to insurers, says Jeff Cobb, CISO at Capella Healthcare.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
Organizations must guard against making three common mistakes when conducting an investigation of a data breach or fraud incident, says attorney Kim Peretti, a former Department of Justice cybercrime prosecutor.
Federal advisers are hammering out recommendations, including potential technology pilot projects, for how to best implement a HITECH Act mandate to update requirements for an accounting of disclosures of protected health information.