The federal "wall of shame" tally of major healthcare information breaches now lists 380 incidents affecting more than 18 million individuals. Meanwhile, yet another class action lawsuit has been filed in the wake of a breach.
The current breach notification landscape is rocky, with 47 U.S. states each having different notification requirements, as well as conflicting global breach legislation causing further disharmony. How can global organizations overcome these breach notification challenges in their compliance efforts?
A key component of any breach response preparation effort is to make certain that all staff members are trained in who to contact within the organization about a security incident "even if they are not sure whether it's a breach," says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.
A string of data breaches in recent months has put the spotlight on the need to take adequate precautions to protect sensitive information. From hackers issuing phony digital certificates to million of patients having their records potentially exposed as a result of lost or stolen backup files, breaches point to the...
These new sites now make Information Security Media Group the largest global network of information security-focused media sites, reaching the most diverse audience of decision-makers in each of ISMG's key markets.
More than 200,000 payment card accounts have been compromised in a data breach at Restaurant Depot, a food service wholesaler. How did the breach occur, and what have customers been told about the incident?
As legal issues surrounding data breaches become increasingly complex, more organizations are turning to attorneys for post-breach response, says Lisa Sotto, a managing partner for New York-based law firm Hunton & Williams.
The delay in the release of final versions of HIPAA modifications and the HIPAA breach notification rule makes it difficult for healthcare organizations to set information security investment priorities, says hospital privacy officer Kari Myrold.
The plan identifies opportunities to engage the private sector in activities for transitioning promising R&D into practice. It prioritizes the development of a "science of security" to derive first principles and the fundamental building blocks of security and trustworthiness.
A U.S. District Judge has dismissed financial injury claims by nine financial institutions as a result of the 2009 Heartland Payment Systems data breach. But the judge did leave open one avenue for appeal.