In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
A federal watchdog agency's reviews of Minnesota's state-operated Obamacare health insurance exchange and Colorado's Medicaid eligibility and claims processing systems reveal a variety of security weaknesses that are also common among healthcare providers.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
Verizon is reportedly awaiting the full results of a digital forensic investigation into the record-setting Yahoo data breach to ascertain whether it will revise its $4.8 billion bid to buy the search firm. Did the breach have a "material impact" on Yahoo's business? That's the question.
Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. Some security experts expect that trend will persist as long as many organizations focus narrowly on HIPAA compliance rather than larger cybersecurity issues.
To better mitigate the breach risks tied to the growing use of mobile devices, organizations need to adopt enterprise digital rights management as a way to improve data security, says Gartner's John Girard.
Bad news: A developer has released the source code for Mirai malware, which is designed to automatically find and hack internet of things devices, turning them into DDoS cannons. The malware has been tied to recent record-smashing DDoS attacks.
Don't leap to conclusions on the basis of a new report that suggests Yahoo is preparing to warn the world that it was hacked and lost hundreds of millions of users' account credentials. Someone may simply have harvested passwords reused on other sites.
B. Vindell Washington, M.D., the new head of the Office of the National Coordinator for Health IT, pledges that the agency's top priority of advancing standards-based interoperable, secure health data exchange will continue under his leadership. But what will happen once a new president is elected?
A developer warns that Dropbox gains wide-ranging access to Apple's OS X operating system using a SQL trick that some equate to hacking users' systems. Here's why giving a desktop app unusual access to Apple's privacy settings poses a security risk.
SWIFT screwed up. That's the takeaway from a new report into the Brussels-based cooperative, which alleges that the organization overlooked serious concerns relating to smaller banks' security and the risks they posed to the health of its entire network.
The U.S. Office of Personnel Management - besmirched by a 2015 breach that exposed the personal information of 21.5 million individuals - turns to the military for its new chief information officer. He's DoD Principal Deputy CIO David DeVries.
The next president of the United States should establish a cabinet position focused on cybersecurity, and Congress should create a more focused approach to funding and authorizing IT security initiatives, says Larry Clinton, who heads the Internet Security Alliance.
Delta is warning that a power failure lead to system outages, resulting in numerous flight cancellations or delays. As more airline-related processes get computerized, experts are asking why the airline's systems aren't more resilient.