A new guide from WEDI offers some basic tips for organizations assessing incidents under the HIPAA Omnibus breach notification rule. But it's important to address additional factors for effective beach assessment and response, two experts say.
Healthcare organizations can take several key steps to help avoid the scrutiny of their state's attorney general and defend against possible class action lawsuits in the aftermath of data breaches, says privacy attorney David Navetta.
Expenses linked to the data breach at Target Corp. have already cost the 58 member institutions of the Consumer Bankers Association more than $170 million - a price they should not have to pay, says the association's David Pommerehn.
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
At a Feb. 4 Senate hearing, a senior executive from Target Corp. endorsed a shift to chip cards, combined with PINs, to enhance security, while a Neiman Marcus executive questioned if that was a prudent move.
The PCI Security Standards Council has no plans to modify its standards for payment card data security in response to high-profile payment card breaches at Target and Neiman Marcus, says Bob Russo, the council's general manager.
Retail data breaches are growing. ISight Partners' Tiffany Jones, a researcher who helped the Department of Homeland Security prepare its report about malware attacks, offers new insight into the latest cyber-attacks.
In light of recent high-profile retail breaches, The Financial Services Roundtable is asking Congress to pass a national data breach notification law and expand oversight of the retail and telecommunications sectors.
In the quest to prevent data breaches, healthcare providers should take advantage of the free privacy and security resources available from federal regulators. Find out about the most popular guides offered.
Cybercriminals exploiting weaknesses in how users employ passwords is a significant factor behind an increase in records exposed in breaches during 2013, says Craig Spiezle of the Online Trust Alliance.
The healthcare industry is becoming a bigger target for cybercriminals, so cyber-attack drills planned for this year are an important step toward identifying security best practices, says Ray Biondo, CISO of insurer Health Care Service Corp.