A law firm has developed a free iPhone app, Data Breach 411, to help organizations with breach notification compliance. The app provides links to 46 state data breach notification laws, relevant federal statutes and other resources.
A new guide from WEDI offers some basic tips for organizations assessing incidents under the HIPAA Omnibus breach notification rule. But it's important to address additional factors for effective beach assessment and response, two experts say.
Forbes and Kickstarter have fallen victim to apparently unrelated cyber-attacks that have compromised user accounts. The companies are urging users to reset their passwords and monitor for any suspicious activity.
Healthcare organizations can take several key steps to help avoid the scrutiny of their state's attorney general and defend against possible class action lawsuits in the aftermath of data breaches, says privacy attorney David Navetta.
Website security firm CloudFlare is warning organizations worldwide to be on the lookout for an increase in larger DDoS attacks. But these NTP attacks are far less sophisticated than the earlier DDoS attacks that targeted U.S. banks.
The RSA Conference 2014 will be held Feb. 24-28 in San Francisco, and Information Security Media Group will be the only Diamond Media Sponsor. Learn what's on the agenda at this world-class security event.
Expenses linked to the data breach at Target Corp. have already cost the 58 member institutions of the Consumer Bankers Association more than $170 million - a price they should not have to pay, says the association's David Pommerehn.
The UK Information Commissioner's Office has fined the Department of Justice Northern Ireland Â£185,000 after a filing cabinet that contained personal information about victims of a terrorist incident was sold at an auction.
Organizations in all sectors can improve their compliance with the PCI Data Security Standard by taking five critical steps, says Rodolphe Simonetti of Verizon Enterprise Solutions, which just issued a new PCI compliance report.
The ongoing epidemic of health data breaches involving unencrypted laptops demonstrates why many healthcare organizations need to conduct more meaningful risk assessments, says security expert Dan Berger.