Federal regulators, in their latest HIPAA settlement, are again reminding healthcare entities about the importance of having business associate agreements with vendors that handle patients' protected health information.
President Donald Trump last week failed to meet a self-imposed, 90-day deadline to issue a report on "hacking defenses." But let's not nit-pick. After all, cybersecurity is complex - something the president is likely discovering along with healthcare and tax reform.
Free advice for breached businesses: Once you admit that you've suffered a data breach or that you're investigating a security incident, disseminate that message far and wide so no one can accuse you of trying to cover it up. That's the lesson from an incident at BlowOut Cards, a sports card trading site.
The latest chapter in the nonstop WikiLeaks saga: As U.S. government officials continue to ramp up their anti-WikiLeaks rhetoric, President Donald Trump has reportedly directed federal prosecutors to examine ways in which members of WikiLeaks could be prosecuted.
Right now in Britain three things remain certain: Death, taxes and having to comply with the EU's General Data Protection Regulation. But legislators have promised U.K. organizations will have a say in how some GDPR provisions get enacted.
Gov. Susana Martinez has signed legislation making New Mexico the 48th state to enact a data breach notification law. Alabama and South Dakota remain the only states without a data breach notification statute.
Ransomware is the largest underground cybercriminal business. And like any business, entrepreneurs continue to find new ways to innovate. A Russian hacker has cobbled together a low-end ransomware kit costing just $175, aimed at anyone who seeks a file-encrypting payday.
New York has become the first US state to issue its own set of cybersecurity rules for financial institutions. What is the potential impact on other states, other industry sectors? Paul Bowen of Arbor Networks shares insight.
John Kelly, in his first speech as the U.S. homeland security secretary, says the American government can't combat the cyberthreat without the active collaboration of the private sector. "The government, God knows, can't do it by itself," Kelly says.
Businesses that fail to block former employees' server access or spot any other unauthorized access are asking for trouble. While the vast majority of ex-employees will behave scrupulously, why leave such matters to chance?
The FDA has warned Abbott that it must submit a plan within 15 days to address previously identified cybersecurity vulnerabilities and other potential safety issues in certain cardiac devices of St. Jude Medical, which Abbott Labs acquired in January.
What should healthcare entities and business associates expect when faced with a data breach investigation or compliance audit by federal regulators? Attorney Marti Arvin discusses the do's and don'ts.
Good news for Microsoft Windows users: The Equation Group exploit tools dumped this month by Shadow Brokers don't work against currently supported versions of Windows, largely thanks to patches Microsoft released in March. But who tipped off Microsoft?
Too many businesses assume that the internet will be around forever, but that's faulty thinking and an impractical business practice, says Information Security Forum's Steve Durbin, a featured speaker at Information Security Media Group's Fraud and Breach Prevention Summit in Atlanta this month.
When she first joined the Los Angeles County district attorney's office, Maria Ramirez prosecuted street gangs. Now she's cracking down on cyber gangs and is opening her case file to share lessons learned from cases involving business email compromise and ransomware.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.