Citing the stretched health IT resources and heavy workloads healthcare organizations face as a result of the COVID-19 pandemic, federal regulators are delaying compliance deadlines for information blocking and health IT interoperability regulations.
Federal regulators have slapped health insurer Aetna with a $1 million HIPAA settlement for three 2017 breaches - including a mailing incident that exposed HIV information - that occurred within six months.
Ireland's Data Protection Commissioner has launched an investigation into whether Facebook's Instagram service improperly displayed the email addresses and phone numbers of minors on its platform. Facebook, Instagram's owner, could face a GDPR fine if it's found to have violated privacy requirements.
Britain's Information Commissioner's Office announced this week a dramatic reduction in its fine against British Airways for violating the EU's General Data Protection Regulation. The company will pay a $26 million fine instead of $238 million in a case tied to a 2018 breach.
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector.
As ransomware continues to slam organizations, a lively debate has ensued about whether ransom payments should be banned in all cases. Attempting to ban ransom payments, however, likely would only make the problem worse.
A report by New York state investigators calls for Twitter and other social media companies to implement greater cybersecurity measures and advocates greater federal regulatory oversight of social media companies to help prevent the misuse of their platforms.
Hacking incidents involving ransomware attacks continue to dominate the 2020 health data breach tally, with incidents affecting two companies - Blackbaud and Magellan Health - accounting for numerous breach notifications by their clients.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
Being a member of the healthcare cybersecurity
profession is not only about business. It is being part
of a team that saves human lives and protecting the
patients we serve and ensure the delivery of life-saving
The protection and the secure operation of technology
is of the utmost importance for...
Plaintiffs in the patent infringement case Centripetal Networks v. Cisco Networks won the day thanks to clear testimony and using Cisco's own technical documents in unaltered form. By contrast, the judge slammed Cisco for offering disagreeing witnesses and attempting to focus on old, irrelevant technology.
The financial services industry is a high-value target for cyber criminals
and securing data is a significant challenge for the financial services
firms. This is not surprising given the vast amounts of sensitive data -
customer transactions, account information and private personal data
- that banks, payment card...
The California Consumer Privacy Act (CCPA) is intended to provide
Californian citizens with the right to know when their personal data is being collected,
whether their personal data is being disclosed or sold, and to whom.
This paper outlines data security solutions that can help your organization meet data...
This guide is for CISOs who want to understand whether their
companies are impacted by the new regulation, how it impacts them,
and what steps their teams can take to comply with GDPR data
security requirements. You'll learn:
The basic framework, intent, and extent of the GDPR
Which companies are affected
Why did Cisco, one of the world's largest and most successful networking companies, have to pay more than $2.6 billion in damages? A judge found that it infringed on four patents held by network security firm Centripetal Networks.