Warning to parents and guardians: Beware of collecting, storing or sharing your child's biometric information - including fingerprints and DNA - even if you're creating a so-called "Child ID Kit," because the data is a natural target for identity thieves.
In a rare criminal case involving a HIPAA violation, a former respiratory therapist in Ohio has been convicted of wrongly obtaining individually identifiable protected health information.
In the wake of a majority of British voters opting to leave the European Union, the U.K. Information Commissioner's Office argues that the country should still comply with the EU's data privacy rules. But will politics get in the way?
A short chat with the alleged seller of the LinkedIn and MySpace data begs more questions about how the services were compromised and if there are more large breaches to come.
The FDA is reviewing comments on its proposed cybersecurity guidance for medical devices, including suggestions that it should beef up the guidance with more details. Meanwhile, the agency has issued new proposed guidance clarifying that manufacturers can share device-generated information with patients.
In the aftermath of the massacre at an Orlando nightclub, confusion emerged over whether the Obama administration had issued a waiver to suspend certain privacy provisions of HIPAA to ease communication between clinicians caring for the injured and those patients' families. Learn why the waiver wasn't necessary.
While awaiting new guidance from the HHS Office for Civil Rights, healthcare organizations can take several steps to help determine whether a ransomware attack is a reportable breach under HIPAA, says compliance attorney Betsy Hodge.
Is SWIFT now playing good cop/bad cop? While it initially promised to not police the financial services industry, it's now considering training auditors and suspending banks found to have poor information security practices.
HIPAA has long provided patients with the right to access their own "designated record set" of protected health information. But federal regulators are on a campaign to help patients and healthcare organizations understand records access rights, as well as the related privacy risks.
In the wake of reports that 65 million stolen credentials from micro-blogging platform Tumblr have surfaced online, following 117 million LinkedIn credentials, it's clear that 2016 is fast becoming the year of what one security expert dubs "historical mega breaches."
Organizations chosen for remote "desk audits" of their HIPAA compliance, which will begin this summer, need to be prepared to quickly provide supporting documentation, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains this in-depth audio interview.
Hacker attacks in the healthcare sector so far this year generally have targeted smaller organizations and affected fewer individuals, in contrast with last year's massive hacker incidents. For example, one of the latest victims is a small physician group practice in Texas.
Like class action lawsuits stemming from breaches of electronic health data, a new lawsuit filed in the aftermath of the loss of paper records faces slim chances of success, legal experts say. But will regulators take action in the case?
The influence of President Obama's cybersecurity legacy on the next administration is among the topics to be discussed at ISMG's Fraud and Data Breach Summit in Washington May 17-18. Featured speakers include NIST's Ron Ross, DHS's Phyllis Schneck and Virginia Technology Secretary Karen Jackson.
Russian email service Mail.Ru says its users' credentials contained in data leaked to Hold Security are 99.982 percent invalid, leading it to slam the security firm for stoking "media hype." But Hold Security's CISO contends the leak contains valid email addresses that could be used for phishing and spam.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.