In this week's breach roundup, Ferris State University in Michigan is notifying 39,000 individuals that their Social Security numbers and other personal information may have been exposed as a result of a network breach.
HHS proposes that state insurance exchanges report data breaches within one hour after discovering them. CIO Curt Kwak of the Washington state exchange explains why compliance with such a rule would be challenging.
Despite the new instructions on breach notification in the HIPAA Omnibus Rule, there's still plenty of uncertainty about what constitutes a "compromise" of data that triggers notification, says privacy attorney Adam Greene.
In this week's breach roundup, read about the latest incidents, including Drupal.org resetting passwords after the open-source content management framework provider discovered unauthorized access to account information.