It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
Under a new rule setting standards for the Obamacare health insurance exchanges, those who provide consumers with insurance enrollment assistance and then improperly disclose personally identifiable information can face civil monetary penalties.
An FTC administrative trial examining the data security practices of LabMD, headed by Michael Daugherty, is slated to begin May 20. The hearing could shed light into how the FTC evaluates security when pursuing enforcement actions.
Internet users in the European Union can ask Google and other search engines to remove certain sensitive information from Internet search results, Europe's highest court ruled on May 13. ENISA praised the "landmark decision" on privacy.
Snapchat has agreed to an FTC settlement over security and privacy misrepresentations. The settlement follows an investigation of a breach that compromised the usernames and phone numbers of as many as 4.6 million users.
"Security as a business enabler" was the mantra echoing through the recently concluded 2014 Infosecurity Europe conference in London, a message that should have been heeded by top executives at retailer Target last year.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
The fact that the U.S. federal government would, under some circumstances, exploit software vulnerabilities to attack cyber-adversaries didn't perturb a number of IT security providers attending the 2014 Infosecurity Europe conference in London.
The Target breach. Account takeover. Mobile banking. Big data analytics. If these terms mean anything to you, then stop right now and give some thought to attending our Fraud Summit in San Francisco on April 29.
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
A politically conservative watchdog group has filed a lawsuit in an attempt to get answers to its questions about the security of HealthCare.gov, the website for Obamacare. Meanwhile, HHS says the site has had no security incidents.