A health and financial information breach that may have affected as many as 10,000 patients at a Kansas hospital illustrates yet again that the actions of a business associate's subcontractor can have a major potential impact on patient privacy.
One reason why so many healthcare organizations are not well-prepared to counter security threats is that "key leadership has not bought into the whole process," says Bob Krenek of ExperianÂ® Data Breach Resolution.
Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in winning support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.
Two fraud suspects had the perfect scheme, skimming payment card numbers at local gas pumps and then using counterfeit cards to buy more than $70,000 worth of goods at area merchants. But then they got greedy.
TRICARE, the military health program, has directed its business associate, Science Applications International Corp., to offer one year's worth of free credit monitoring and restoration services to the 4.9 million affected by a recent breach.
A holistic security strategy that incorporates anomaly detection decreases fraud risk without changing account holders' online banking experience.
In the war against cyber criminals, financial institutions are presented with an arsenal of point solutions, each designed to secure access to online banking accounts,...
From heightened risks to increased regulations, senior leaders at all levels are pressured to improve their organizations' risk management capabilities. But no one is showing them how - until now.
Learn the fundamentals of developing a risk management program from the man who wrote the book on the topic: Ron Ross,...
Researchers at security vendor Symantec say they've been in contact with a 20-something Chinese man who may be behind a series of attacks against U.S. businesses with the aim to steal intellectual property.
Medtronic's announcement that it's launching an "in-depth risk/benefit analysis" following an "ethical hack" of one of its insulin pumps is good news. We hope that Medtronic and all other medical device manufacturers launch long-overdue, aggressive efforts to improve medical device safeguards.
ID theft expert Joanna Crane wonders whether banks, government agencies and healthcare providers do enough to assist consumers with ID theft recovery, saying consumer expectations are often loftier than what's being done to meet the demand.
Occupy supporters plan today to protest at several banks' headquarters in NYC. Coming on the heels of cyberattacks that targeted police in Boston, how worried should banks be about growing physical threats and cyberattacks waged by Occupy sympathizers?
New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.
The total number of Americans affected by major health information breaches since the HIPAA breach notification rule took effect could grow by more than 50 percent once two major recent incidents are added to the official federal tally.
The Department of Energy's inspector general identifies flaws in the areas of access controls, vulnerability management, web application integrity, contingency planning, change control management and cybersecurity training.