Federal regulators have hit a small Denver pharmacy with a $125,000 penalty for a 2012 breach involving improper disposal of paper patient records. It's the second such HIPAA-related penalty within a year tied to improper records dumping.
A class-action suit filed by U.S. banks and credit unions that's pending against Target could prove fruitful for the banks and credit unions, says attorney Chris Pierson, chief security officer at invoicing and payments provider Viewpost.
The buzz at RSA could be felt beyond the session rooms, not least in the Expo Hall, with demonstrations that tapped Google Cardboard and offered an array of enticing tchotchkes - including selfie sticks and sharks with laser pointers on their head.
A group of financial institutions affected by the 2013 Target data breach is asking a court to stop the settlement between the retailer and MasterCard that would provide $19 million to card issuers, saying the amount is grossly inadequate.
The House on April 23 passed a second cyberthreat information sharing bill, the National Cybersecurity Protection Advancement Act. Now it will be combined with the previously approved Protecting Cyber Networks Act before it's sent to the Senate.
Legislation to encourage businesses to share voluntarily cyberthreat information with the federal government by giving them liability protection has won overwhelming approval by the House of Representatives.
How badly does the president want Congress to enact cyberthreat information-sharing legislation? Despite concerns over provisions of two bills, the White House isn't threatening vetoes as it did in previous congresses when raising similar objections.
Are you heading to RSA Conference 2015 in San Francisco? If so, be sure to connect with Information Security Media Group. We'll be out in full force on the Expo floor, as well as running a number of must-attend sessions and events.
The PCI Council has just released PCI DSS 3.1, which calls for mothballing the SSL encryption protocol. What do security leaders need to know about the revised standard? Troy Leach of the council offers insights.
Leaders and top practitioners from numerous federal government agencies will transplant themselves to San Francisco this coming week to share their knowledge on a wide range of topics at RSA Conference 2015.
A House committee approved on April 15 a national data breach notification bill, but the committee chairman concedes that the legislation isn't quite ready for a vote by the full House of Representatives.
The PCI Security Standards Council has published a new version of its data security standard that calls for ending the use of the outdated Secure Sockets Layer encryption protocol that can put payment data at risk.