Proposed rules released this week by the Department of Health and Human Services aim to define and discourage inappropriate blocking of the secure sharing of health information, Elise Sweeney Anthony of the Office of the National Coordinator for Health IT explains in an interview at the HIMSS19 conference.
What if organizations' information security practices have gotten so good that they're finally repelling cybercriminals and nation-state attackers alike? Unfortunately, the five biggest corporate breaches of the past five years - including Yahoo, Marriott and Equifax - suggest otherwise.
Red Hat, Amazon and Google have issued fixes for a serious container vulnerability. The flaw in the "runc" container-spawning tool could allow attackers to craft a malicious container able to "break out" and gain root control of a host system, potentially putting thousands of other containers at risk.
Many healthcare organizations are falling short in their incident response plans, says Mark Dill, principal consultant at tw-Security. The former director of information security at the Cleveland Clinic discusses best practices for keeping those programs current in an interview at the HIMSS19 conference.
The HHS Office for Civil Rights is paying particular attention to complaints involving patients' access to their health information; it's also focusing on investigations of organizations with patterns of HIPAA noncompliance, Nick Heesters of the agency explains in an interview at the HIMSS19 conference.
Medical device cybersecurity risks should be viewed as an enterprise problem, say Tracey Hughes of Duke University Health Systems and Clyde Hewitt of security consultancy CynergisTek, who outline critical security steps.
What are some of the hottest issues that will be discussed at this year's RSA Conference, to be held March 4-8 in San Francisco? Britta Glade, content director for the world's largest data security event, says DevSecOps - as well as third-party risk and cloud-related issues - are emerging as key themes.
The Trump administration is leading a broadside against Chinese telecommunications giants Huawei and ZTE. But concerns that Chinese networking gear could be used as backdoors for facilitating state-sponsored surveillance or disrupting critical infrastructure are not limited to America.
Healthcare organizations should steer clear of connecting internet of things devices to their networks unless they serve a precise medical purpose, says attorney Julia Hesse, a featured speaker at the HIMSS19 Conference.
Federal regulators have hit a California-based healthcare provider with a $3 million HIPAA settlement related to two breaches involving misconfigured IT. It's the latest in a recent series of hefty penalties issued in HIPAA cases.
Apple has issued an iOS update that patches two flaws being exploited in the wild by attackers as well as the "FalmPalm" bug in Group FaceTime. Apple says it compensated the teenager who reported the FaceTime flaw and gave him an extra gift toward his tuition.
Germany's competition authority, the Bundeskartellamt, has prohibited Facebook from combining user data from different sources unless users consent, and it has also prohibited Facebook from blocking users who do not provide this consent. Facebook has one month to appeal the antitrust decision.
For the second time, the Department of Justice has imposed a substantial fine on an electronic health records software vendor in a case that involves data accuracy and integrity issues that could affect patient safety.