After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
In the wake of a data breach that followed a routine regulatory, a former regulator is asking why the agency failed to disclose the breach sooner, and why it has not accepted more responsibility for its error.
Federal regulators are sending a powerful message about the importance of applying software patches by slapping an Alaska mental health services providers with a $150,000 HIPAA sanction. Learn what's included in the corrective action plan.
Lawmakers and their staffs are working behind the scenes to get one or perhaps two pieces of cybersecurity legislation enacted before the 113th Congress adjourns this month. But passage remains a longshot.
An ongoing legal dispute between the Texas Health and Human Services Commission and its former contractor, Xerox, has led the state agency to report a breach it claims affected 2 million individuals. Learn what both sides have to say about the case.
A settlement finalized this past week in a class action lawsuit filed in 1997 against Tenet Healthcare for a privacy breach involving thousands of patients' paper records offers important lessons for healthcare providers today.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
One year after HIPAA Omnibus Rule enforcement began, why do so many healthcare entities and business associates continue to struggle with even the most basic requirements? Security expert Andrew Hicks offers insights.
Once the now-delayed HIPAA compliance audits resume, federal regulators will be conducting more on-site audits and fewer remote desk audits of covered entities and business associates than originally planned.