Provisions in legislation introduced by Sen. Richard Blumenthal, D-Conn., target companies that store online data for more than 10,000 people to assure their customers' personally identifiable information is protected.
Nearly 7.9 million Americans were affected by almost 30,800 health information breaches between September 2009, when a federal healthcare breach notification rule took effect, and the end of 2010, according to a new report to Congress.
"Our proposal would give judges the authority they need to adequately punish serious offenders and to make these penalties commensurate with the same type of conduct occurring offline," Associate Deputy Attorney General James Baker tells Congress.
News that two Seattle residents were sentenced last week in a prescription fraud case offers yet another eye-opening reminder of the need to guard against fraudulent activity by staff members at hospitals and clinics.
The Office of the National Coordinator for Health Information Technology has formally launched Query Health, a project to test standards for querying data from electronic health records to conduct research.
Providing HIPAA compliance auditors with complete documentation of every aspect of your privacy and security strategy, along with evidence of corrective action taken to mitigate risks, is essential, says consultant Cliff Baker.
Philip Reitinger's appointment as Sony's first chief information security officer comes more than four months after a massive breach of Sony's PlayStation gaming system that exposed the personal identifiable information of some 77 million customers.
A new California law requires that organizations experiencing a data breach provide more detailed information to the individuals affected. The law, which covers breaches involving financial, healthcare and other personal information, goes into effect Jan. 1.
In an ironic twist, a new phishing scheme, purporting to be from the Federal Deposit Insurance Corp., actually claims to offer assistance with ACH and wire fraud, but instead delivers malware that could enable fraud.
Many disaster-related attacks are personal and direct, perpetrated through a phone call. But some take traditional routes, such as e-mail, while more are taking emerging routes, like text messages to mobile devices.
Executives in a variety of industries who are in charge of securing their enterprises' IT say they're more anxious about outsiders hacking into their systems than insiders - either maliciously or inadvertently - threatening their digital assets, a new survey shows.
Cloud computing contracts often assign certain liabilities to the customer. That means healthcare organizations, in some cases, may need additional insurance coverage, warns consultant Gerard Nussbaum.