State agencies transferred information containing unencrypted, personal information to unsecured servers between January and May 2010, but the exposure was not discovered until two weeks ago, Texas Comptroller Susan Combs says.
Sens. John Kerry and John McCain introdcued legislation that would balance individual privacy rights while allowing businesses to collect consumer information that could be used to market products and services.
Marcus Ranum isn't just a well-regarded information security expert. He's also a customer of the RSA SecurID product, and he's got some strong feelings about the RSA breach and how the industry has responded to it.
Heartland Payment Systems hacker Albert Gonzalez seeks to overturn his conviction and 20-year sentence, a record for a computer breach, maintaining he committed his crimes with the knowledge of his Secret Service handlers.
Farzad Mostashari, M.D., the new head of the Office of the National Coordinator for Health Information Technology, has the experience that could help move the office from strategy development to execution on a number of issues, including the privacy and security of health information, some observers say.
U.S. Cyber Challenge will hold a series of competitions aimed primarily at college students as part of its April Cyber Quest series, with winners receiving invitations to attend one of several cyber camps to be offered this summer.
Joy Pritts of the Office of the National Coordinator for Health IT says the office intends to develop standards that would give patients the ability to exclude clinicians from accessing certain portions of their electronic health records.
The Influencers is a continuing series of profiles of the people who help shape healthcare information security and privacy policies.
Farzad Mostashari, M.D.
National Coordinator for Health Information Technology
U.S. Department of Health and Human Services
The Privacy and Security Tiger Team is advocating requiring participants in Stage 2 of the HITECH Act's electronic health record incentive program to verify how they are keeping stored data secure, such as through encryption.