Data has never been as valuable. Some see it as "the new oil": a gusher of crude material that can be refined to create vast power and wealth. Today, data can identify patterns and trends that lead to opportunities or help to mitigate risks.
Preparedness, technology tools, smart thinking and expert counsel will...
How confident are you that your mobile users are secure? Only 13% of CIOs are "very confident" their mobile users are secure.
Despite many large businesses being unprepared for GDPR, or serving their employees satisfactorily with mobile technology, senior IT decision-makers recognise that security could enable...
There are two broad camps of readiness with regard to GDPR. Opportunists are starting from a position of relative advantage. They generally have better information governance processes in place and are more likely to have more mature security capabilities. They seek to leverage these attributes, adopting best data...
This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.
Federal regulator's recently issued draft for a "trusted exchange framework" aimed at propelling nationwide, secure, interoperable, query-based health data exchange is a complex proposal that requires careful analysis, says David Kibbe, M.D., CEO of DirectTrust.
The Office of the National Coordinator for Health IT's new chief privacy officer, Kathryn Marchesini, has a wealth of experience. But will the Department of Health and Human Services give her the resources she needs to get the job done?
Mobile phone retailer Carphone Warehouse has been hit with one of the largest fines ever imposed by Britain's data privacy watchdog after an attacker breached its outdated WordPress installation, exposing 3 million customers' and 1,000 employees' personal details.
While a draft "trusted exchange framework" unveiled last week by federal regulators includes proposed components that could raise the bar for the security of health data exchange, some experts caution that elements included in the final document should not be overly prescriptive.
One of the most alarming breaches of 2015, involving Hong Kong toymaker VTech, has resulted in a $650,000 settlement with the U.S. Federal Trade Commission. It's a warning that internet of things security shortcomings - especially involving children's personal data - will have business consequences.
Under what circumstances must a U.S. healthcare provider comply with the European Union's General Data Protection Regulation, which will be enforced beginning in May? In an in-depth interview, regulatory attorney Stephen Wu explains the conditions under which compliance is required.
Federal regulators have clarified that the use of texting to place orders, such as for medications or tests, on any platform - secure or not - is not allowed when treating Medicare and Medicaid patients. Security experts weigh in on key issues to consider when using texting for other purposes.
Federal regulators have released a draft of a trusted health information exchange framework with some detailed security components that go beyond HIPAA requirements. The goal is to advance secure national health data exchange so that clinicians have quicker access to potentially life-saving information.
The U.S. Department of Homeland Security says nearly 250,000 federal employees' personal details were exposed in a 2014 breach of its Office of Inspector General's case management system. Witness testimony and an unknown number of nonemployees' personal details also were exposed.
Despite receiving requests to better align a federal rule regarding the confidentiality of substance abuse records with the requirements of HIPAA, federal regulators only made minor tweaks to the confidentiality rule. Some experts say Congress would have to take action to pave the way for further changes.
Information security truisms: 2017 was the year of more cybersecurity - more attacks, more spending, more defenses, more breaches - and 2018 will see more of everything "cyber," plus GDPR enforcement, proxy wars online and more.