Following its mega-breach, the U.S. Office of Personnel Management suspends use of its online background check application system, citing a vulnerability. Also, the agency now faces a breach-related lawsuit filed on behalf of federal workers.
President Obama proposes spending more money on cybersecurity, replacing government agencies' antiquated, unsecured systems. But what really needs to be done to thwart breaches, like the hack attack against the Office of Personnel Management?
Recent breaches and regulatory audits have sharpened the focus on third-party risks. How are healthcare entities tackling this critical topic of business associate management? Attorney David Szabo shares insights.
The U.S. Office of Personnel Management breach continues to reveal such staggering levels of information security problems, paper-pushing and seeming incompetence that it's creating a new cyber-espionage category: the "victim-as-a-service" provider.
Sony's 2014 cyber-attack cleanup costs continue to mount. The company reports spending $35 million on remediation as of March, and costs will continue to mount, now that a judge has ruled that a class-action lawsuit by former employees can proceed.
Well-known health data privacy expert and federal adviser Deven McGraw is joining the Department of Health and Human Services' Office for Civil Rights as its new deputy director for health information privacy, heading its HIPAA enforcement efforts.
Forget attributions of the German parliament malware outbreak to Russia, or Chancellor Angela Merkel's office being "ground zero." The real takeaway is the Bundestag's apparent lack of effective defenses or a breach-response plan.
When it comes to health data breaches, business associates are again grabbing headlines, calling attention to the importance of scrutinizing vendors. The latest incident involves a breach that wasn't reported to a covered entity for eight months.
Data security expert Kate Borten, a former CISO who's a featured speaker at the June 11 Healthcare Information Security Summit in Boston, warns healthcare organizations against overlooking key data protection steps.
The Gartner Security and Risk Management Summit tackles digital business, a concept that blurs the physical and digital worlds, and requires organizations to reconsider how they approach IT security and risk management.
Healthcare organizations' disaster recovery plans typically don't include steps to deal with looting incidents. But the April riots in Baltimore serve as a reminder that unexpected violence can result in health data breaches.
This year's Infosecurity Europe conference in London - celebrating its 20th anniversary - decamped from Earl's Court to the glass-topped, 19th-century Olympia Conference Center, and featured more than 300 exhibitors and 200 speakers.