For the first time, a federal investigation of a health information breach that affected fewer than 500 individuals has resulted in a financial penalty for HIPAA violations. Read more about the settlement.
The answer seems obvious, especially in the context of IT security and information risk. Yet, is it, especially when developing codes and standards, as well as funding research and development initiatives that involve taxpayer money?
Heading into 2013, security leaders across industry feel confident about their processes and technology. People, though, continue to create the greatest risks. Can "awareness in depth" make a difference?
In recent weeks, the federal tally of major health information breaches has been growing at a relatively slow pace. Is that evidence that healthcare organizations are getting better at preventing breaches?
Eurograbber got banks' attention after compromising out-of-band authentication in Europe. But researchers say it's the knowledge of the hackers behind the attack, not the Trojan, that's most concerning.
New malware attacks are targeting smart phones, and experts say banking institutions aren't doing enough to detect and prevent those attacks. So where should institutions focus their tech investments in 2013?
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.