What could be worse than a ransomware infection? How about getting infected by "torture ransomware" that uses a sadistic puppet to taunt you, slowly deleting your encrypted files while increasing the ransom demand until you pay?
A former pharmaceutical company manager faces sentencing in July after pleading guilty to criminal HIPAA violations for his part in a complex fraud scheme involving drug maker Warner Chilcott. Why are criminal HIPAA cases so rare?
Apple's QuickTime media player and web browser plug-in should be immediately expunged from all Windows systems, security experts warn, in a reminder of the dangers of using outdated software - especially web browser plug-ins.
The scant - if not conflicting - details and sourcing attached to a recent news report on how the FBI cracked an iPhone 5c have left information security experts questioning both technical details and related agendas.
Healthcare organizations are well aware of the importance of data security. Each year over 65 million people are affected by data breaches, costing healthcare providers approximately $6 billion. And these numbers continue to grow, putting them at risk for violating HIPAA and HITECH regulations, litigation and loss of...
The continuing success of attackers stealing billions of dollars from organizations, often through simple business email compromise scams, is a sad commentary on the state of corporate security practices as well as our collective lack of cybersecurity smarts.
Health insurer Anthem, the victim of a massive hacker attack, failed in its effort to persuade a court to allow it to inspect certain customers' computers to help it fight a class-action lawsuit tied to the breach. Why did Anthem make the move? And what issues does it raise?
Federal regulators have quietly released an updated, extremely detailed protocol for use in phase two of HIPAA compliance audits of covered entities and business associates later this year. Experts say the protocol also can be a helpful tool in self-assessing compliance as well as security strategies.
Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
The recent surge in ransomware attacks on hospitals has at least one member of Congress contemplating whether HIPAA's breach notification requirements need to be clarified or updated to reflect the trend.
The landscape, as it relates to security has certainly changed since my first HIMSS Conference in 2008. I recall walking the exhibit hall discussing multi-factor authentication and identity management only to receive blank stares or interesting comments from prospective partners and customers. I heard, "we use...
Now that the Department of Health and Human Services has announced that it will soon begin the next round of HIPAA compliance audits, organizations need to take specific steps to prepare in case they're chosen for scrutiny, says attorney Robert Belfort, a regulatory specialist.
HHS says it has launched "phase two" of its HIPAA compliance audit program, portraying this as another interim step toward a permanent program. But will Congress ever approve enough funding to ramp up audits?
Smaller hospitals and clinics must avoid the common mistake of thinking they won't fall victim to cyberattacks, warns risk management expert Tom Andre, vice president of information services at the Cooperative of American Physicians.