In its second HIPAA settlement revealed this week, federal regulators smacked a New York-based medical research institute with a multimillion dollar penalty after investigating a breach tied to the theft of an unencrypted laptop containing data on several thousand patients and participants in a research project.
Federal regulators have imposed a $1.55 million penalty on a Minnesota healthcare system as part of a settlement following an investigation of a breach involving a business associate. The vendor has already been sanctioned by two other government entities for the same stolen laptop incident.
Although most breach-related class action lawsuits fail, a multimillion dollar settlement of a suit stemming from a data breach at St. Joseph Health System in California illustrates how egregious breaches can have serious financial consequences.
Growing worries about the use of the U.S. financial system to launder funds for terrorists has spurred proposals for new state and federal regulations aimed at tightening money-laundering controls. Attorney Lauren Resnick explains steps banks are taking to help detect suspicious activity.
In an unusual twist, a missing unencrypted laptop containing data on nearly 206,000 patients has been returned by mail to Premier Healthcare, a physician group practice in Indiana. But some experts say the organization might have violated the HIPAA Security Rule.
A new report suggests that a Chinese cyber espionage APT attack group is behind a string of targeted ransomware infections that have slammed U.S. firms. Dig into the details, however, and the report is nothing but speculation, two security experts caution.
The HHS Office for Civil Rights is moving too slowly in issuing HIPAA guidance related to mobile health apps, cloud storage and other emerging technologies, according to a bipartisan group of congressmen. Does OCR have too much on its plate?
Advanced attacks are out, while persistent, relatively simple attacks are in. Despite all of the APT hype in recent years, cybercriminals, and especially nation-state attackers, prefer to keep things simple. Information security experts explain why.
The nonstop pace of "Apple vs. FBI" updates and related crypto debates seemed to exceed both the U.S. government's and the information security industry's advanced persistent spin-cycles at this year's RSA Conference.
How will Home Depot's $19.5 million settlement with consumers impacted by its 2014 data breach affect a pending class-action suit filed by banking institutions against the retailer seeking to recoup breach-related expenses?
The Justice Department's appeal of a court order that the government can't compel Apple to unlock an iPhone used by an accused drug dealer is significant because it sets in motion a process that could lead to a Supreme Court ruling on whether mobile device makers must give law enforcement an encryption backdoor.
Unlike other security and breach reports, Verizon's Data Breach Digest is a collection of data breach investigation case studies from around the world. Verizon's Ashish Thapar elaborates on findings from this digest.