Working with business associates to prevent health information breaches requires far more than writing detailed contract terms on privacy and security, says regulatory expert Christopher Hourihan.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.
An unencrypted laptop computer that's missing from the United Kingdom's National Health Service North Central London health authority contained information on 8.63 million people, according to a report on The Sun newspaper's website.
Senate Sergeant at Arms confirms the attack occurred over the weekend and has ordered a review of all Senate computer sites. Hackers' cryptic message suggests they don't like military's intent to use force to combat cyberattacks.
CEO Jack Tretton didn't minimize the breach, grouping Sony with others that have been hacked in recent weeks. "If you read the newspapers, you realize that there are companies being bombarded with people trying to hack them all the time."
NRC CISO Patrick Howard is among three information security leaders who share their experiences, approaches and challenges from battling data breach incidents that had an impact on their organizations and their careers.
Details surrounding the reported breach of the International Monetary Fund remain sketchy, but alarming. And Gartner analyst Avivah Litan believes there may be "dozens" of similar incidents that have not been disclosed.
If you need one more reason to take additional steps to prevent health information breaches, here's something to consider. An attorney argues that if breaches, and their high costs, are not brought under control, "I think where we are headed is to an insurance crisis."
"Eddie also will contribute to product strategy, marketing and technical evangelism for RSA," an RSA spokeswoman says. "This role will leverage Eddie's 20-plus years of security expertise."
Some organizations hesitate to involve law enforcement in their breach investigations for fear that exposing the hack would cost them their reputations and money. A Justice Department contingent tells a gathering of lawyers why that impression is wrong.
A California physician group practice has notified nearly 16,000 patients of a health information breach stemming from the theft of 19 new computers from clinics in Pasadena and Long Beach.
Victimized by a hack of its SecurID authentication token that resulted in the breaches of several customers' IT systems, security maker RSA is expected to announce its first chief security officer as early as Friday.
Art Coviello, RSA's executive chairman, confirms that information taken from RSA in March had been used as an element of an attempted broader attack discovered late last month on SecurID customer and defense contractor Lockheed Martin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
