The Department of Health and Human Services has announced two projects tackling the issue of how to obtain patient consent to provide access to their electronic health records via health information exchanges.
Healthcare organizations should provide their staffs with training on how to guard against identity theft regardless of whether they must comply with the federal Red Flags Rule, says fraud prevention expert Jeremy Miller.
Top executives seek the CISO's advice to help determine whether cloud computing benefits outweigh the risks. Here are the top five cloud security risks and concerns CISOs must discuss with their leaders.
"One important element of this effort will be to ensure that we are properly informed going forward about the cyberthreats posed by criminals, terrorists and hostile nations," says Sen. Sheldon Whitehouse, sponsor of the Cybersecurity Public Awareness Act.
While the cause of the Epsilon e-mail breach has not been publicly disclosed, the incident's aftermath has seen a growing list of organizations impacted by the breach. It also has ignited a new debate about the sensitivity of e-mail addresses.
Verizon's newly-released 2011 Data Breach Investigations Report finds that the number of compromised records has dropped dramatically, but incidents are up, and hackers are still finding new ways to get into systems and servers.
Privacy advocates in Maine are supporting a proposed state law that would require patients opt in to participate in the state's health information exchange before clinicians can access their records via the HIE.
As details about the Epsilon e-mail breach unfold, the list of affected companies grows, including major banks and merchants. Here is the latest list of the companies known to have been impacted by the incident.
The Social Security Administration sold the information in a database of deceased individuals that erroneous contained the Social Security numbers, dates of birth, full names and ZIP codes of living people, the inspector general reports.