A former respiratory therapist has pleaded guilty in an ID theft case involving more than 800 patient records. A security expert explains why detecting insider fraud can be difficult and offers prevention tips.
FISMA and the Privacy Act allow agencies to redact personally identifiable information from public postings. But the IRS says another law requires it to post public forms without altering them to remove PII. What's the agency to do?
Here are some questions we'd like to ask the former systems administrator at the National Security Agency to learn more about the motivation behind his leak of the U.S. government's top-secret information collection programs.
Facebook acknowledges it exposed 6 million members' phone numbers and e-mail addresses to unauthorized viewers, the latest example of IT security incidents creating mistrust of corporations and governments.
Security and privacy professionals should be cautious about the type of information they share with the federal government's intelligence community, says Peter Swire, a former White House privacy counselor.
Data breach notification legislation before Australia's parliament, if enacted, would add new dimensions to its privacy laws, perhaps influencing lawmakers elsewhere, privacy lawyer FranÃ§oise Gilbert says.
Collecting massive amounts of data on individuals, whether in the government or private sector, has become the norm in our society. It's not quite Orwellian, but it's a situation we might have to learn to live with.
A Department of Homeland Security system used to conduct background checks has been exposing personally identifiable information of employees and contractors since July 2009. DHS says the vulnerability has been fixed.
It isn't just the quantity of cyber-attacks that's staggering; it's the quality. The average hacker now has access to nation-state-level attack capabilities, says James Lyne of Sophos. How can organizations defend?