Just four months after agreeing to pay an $865,000 penalty for a series of HIPAA violations, UCLA Health System has revealed a breach incident involving the theft of an external hard drive from a former employee's home.
A health and financial information breach that may have affected as many as 10,000 patients at a Kansas hospital illustrates yet again that the actions of a business associate's subcontractor can have a major potential impact on patient privacy.
One reason why so many healthcare organizations are not well-prepared to counter security threats is that "key leadership has not bought into the whole process," says Bob Krenek of ExperianÂ® Data Breach Resolution.
Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in winning support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.
TRICARE, the military health program, has directed its business associate, Science Applications International Corp., to offer one year's worth of free credit monitoring and restoration services to the 4.9 million affected by a recent breach.
Two fraud suspects had the perfect scheme, skimming payment card numbers at local gas pumps and then using counterfeit cards to buy more than $70,000 worth of goods at area merchants. But then they got greedy.
Medtronic's announcement that it's launching an "in-depth risk/benefit analysis" following an "ethical hack" of one of its insulin pumps is good news. We hope that Medtronic and all other medical device manufacturers launch long-overdue, aggressive efforts to improve medical device safeguards.
ID theft expert Joanna Crane wonders whether banks, government agencies and healthcare providers do enough to assist consumers with ID theft recovery, saying consumer expectations are often loftier than what's being done to meet the demand.
Occupy supporters plan today to protest at several banks' headquarters in NYC. Coming on the heels of cyberattacks that targeted police in Boston, how worried should banks be about growing physical threats and cyberattacks waged by Occupy sympathizers?
New research from Carnegie Mellon University's Software Engineering Institute provides further evidence why IT security isn't just the problem of an enterprise's security organization but of its top non-IT leadership as well.
The total number of Americans affected by major health information breaches since the HIPAA breach notification rule took effect could grow by more than 50 percent once two major recent incidents are added to the official federal tally.
The Department of Energy's inspector general identifies flaws in the areas of access controls, vulnerability management, web application integrity, contingency planning, change control management and cybersecurity training.
What fraud and security issues does Paul Smocer, the new president of BITS, see as being top concerns in the coming year? Mobile payments, social media, and a strong need for institutions and organizations to comply with existing guidance top the list.