The United Kingdom might be greater than the sum of its parts. But when it came to the WannaCry outbreak, some parts of the United Kingdom did less great than others. Here's how the governments and health boards of Scotland, Northern Ireland and Wales are responding.
If Eugene Kaspersky had attended Wednesday's House hearing on the risk his company's anti-virus software poses to the U.S. federal government, he would have faced an unfriendly reception. But Kaspersky wasn't invited, although the panel may "entertain" the possibility of inviting him to a future hearing, according to...
A lawn mower engine manufacturer's notification to federal regulators of a health data breach impacting thousands of its workers highlights the HIPAA compliance duties for businesses that are self-insured for healthcare.
A bipartisan group of five senators has asked a watchdog agency to produce "clear recommendations" for how to make sure the right patients are matched to the right records to help improve the quality of care and crack down on medical and identity fraud. But will that require a national patient identifier?
Freedom of Information requests sent to 430 U.K. local government councils by Barracuda Networks found that at least 27 percent of councils have suffered ransomware outbreaks. Thankfully, almost none have paid ransoms, and good backup practices appear widespread.
Recent changes by the HHS to the certification program for electronic health record software could potentially weaken efforts to ensure EHRs meet federal requirements, including those that impact security, says attorney Maya Uppaluru, who formerly was on the HHS staff.
Equifax is facing increased scrutiny from Congress, including a bill that would mandate free credit freezes for consumers, on demand. But a true fix would require Congress to give U.S. government consumer watchdogs more power.
An ongoing series of Healthcare Security Readiness workshops reveals some key gaps in how healthcare organizations defend against cybercrime hacking. How should entities assess and mitigate these gaps? David Houlding of Intel shares insights.
A 10-digit PIN used by consumers to freeze access to credit reports with Equifax is based on dates and times, several observers have noticed. Equifax says it plans to change how the PIN is generated, but experts say it's another troubling development for a troubled company.
The new head of the agency that enforces HIPAA says his top enforcement priority for the coming year is to find a "big, juicy, egregious" breach case to use as an example from which others can learn. What else is on Roger Severino's agenda?
Verizon has made a strong case for continual PCI DSS awareness with its new study of payment card data security. But like many vendors that conduct their own studies supporting their business cases, Verizon makes suspect logical stretches.
Password security guidance: Do block users from picking commonly used passwords. But to avoid a usability nightmare, don't block users from picking any password that's ever been seen in a data breach, security experts advise.