Washington State University has agreed to pay more than $4.7 million to settle a lawsuit stemming from the theft of a portable hard disk drive from a self-storage unit. The drive contained information - much of it unencrypted - on more than 1 million individuals.
Sometimes, even a furniture manufacturer must report a health data breach to comply with the HIPAA Breach Notification Rule. Compliance experts explain the requirements for certain employers.
From blockchains and surveillance to backdoors and GDPR, a group of leading cryptographers rounded up the top cybersecurity and privacy matters of the day at the cryptographers' panel held at the recent RSA Conference 2019 in San Francisco.
Boston Children's Hospital is pioneering the use of Amazon's Alexa voice assist technology in the healthcare sector. John Brownstein, the hospital's chief innovation officer, discusses the security measures involved.
WikiLeaks founder Julian Assange's hacker roots and nontraditional approach to journalism may prove damaging following his arrest on Thursday. He's been charged with one count of conspiracy, but U.S. prosecutors still have time to file more serous charges pending his extradition from the U.K.
The University of Texas MD Anderson Cancer Center has filed a lawsuit arguing that a $4.3 million HIPAA penalty levied against it last year by the Department of Health and Human Services following three data breaches was unlawful. What are the main arguments?
The Department of Health and Human Services has yet to take certain critical actions to help enhance cybersecurity, according to a new GAO report that lists hundreds of recommendations for improving operations that have not been implemented.
Dark patterns are out to get you. The term describes the practice of abusing usability norms to create user interfaces that trick users into divulging their personal details or sacrificing their privacy. Bipartisan legislation proposed in the U.S. Senate, however, would make malicious design illegal.
Yahoo is hoping a revamped proposed breach-related settlement will pass muster with a federal judge who rejected the first one for myriad reasons, including high attorney fees and a lack of transparency. The settlement totals $117.5 million, just ahead of health insurer Anthem's $115 million settlement.
The NIST Cybersecurity Framework was never intended to be something you could "do." It's supposed to be something you can "use."
Download this guide and learn how you can:
Figure out the "as is" state for your organization;
Identify areas you are doing well and areas you need to focus your efforts;
Positively...
Sen. Elizabeth Warren, D-Mass, has introduced legislation that would pave the way for top executives at major corporations to face criminal charges if their company's wrongdoing leads to harm, such as a major data breach. While business groups immediately criticized the plan, consumer advocates praised it.
Keynotes and briefings at the recent 28th annual RSA Conference 2019 covered a wide range of topics, including privacy, hackers, cyber extortion, machine learning, artificial intelligence, human psychology, legal matters, career advice and internet-connected device concerns. Here are 15 highlights.
Several industry groups have offered suggestions - ranging from better cyber information sharing to new regulatory "safe harbors" for entities complying with best practices - in response to Sen. Mark Warner's recent request seeking ideas for improving healthcare sector cybersecurity.
Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.
A small Michigan medical practice that plans to permanently shut down in the wake of a recent ransomware attack is an example of the devastation that can result from a serious cyberattack.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
