Amidst the increasing security chaos facing individuals and organizations, one of the dominant themes at this year's RSA Conference was the need for information security professionals to do more, bringing order to enterprise IT security as well as by influencing public policy.
Plans to launch some onsite HIPAA compliance audits are now on hold while the agency that enforces HIPAA completes more than 200 desk audit reports, says Deven McGraw, deputy director of the Department of Health and Human Services' Office for Civil Rights.
New York has become the first state to impose a cybersecurity regulation on financial institutions and insurers. Will other states follow with their own regulations to strengthen security in these business sectors?
Federal regulators have signed a $5.5 million HIPAA settlement with a Florida-based healthcare system for breaches related to unauthorized employee access to more than 100,000 patients' information in a case that subsequently led to federal criminal charges.
Europe's GDPR has business leaders everywhere talking about privacy. But are they having the right conversations? Michelle Dennedy, chief privacy officer at Cisco, offers her perspective.
Cybersecurity attorney Randy Sabett finds himself involved in many lawsuits tied to breach response and data protection. What tips can he share from cases he has litigated?
Increasingly, security leaders want to migrate from disparate point solutions to integrated security platforms. Kevin Flynn and Ravid Circus of Skybox Security lay out the business and security benefits.
The FTC and FCC are among U.S. regulators now starting to flex their muscles when it comes to enforcing cybersecurity standards, says attorney Joseph Burton. What enforcement trends might we expect to see in 2017?
Easy Solutions' Ricardo Villadiego addresses how the digital revolution, millennials and the pervasive use of online communications affect financial fraud.
Australia's Parliament has passed a mandatory data breach notification law that requires some organizations to tell consumers and regulators about an incident within 30 days or face hefty fines. But one security expert says the law has gaps that could pose risks.
As ransomware attacks continue to plague organizations in healthcare and other sectors, Maryland is considering legislation specifically identifying ransomware attacks as a crime punishable with prison sentences. California and Wyoming are among the states that have enacted somewhat similar legislation.
At this year's RSA Conference, we have about 35 videos on the docket. And truly we're talking about the A-Z of information security thought leaders, from CrowdStrike co-founder Dmitri Alperovitch to ZixCorp CEO David Wagner, with a stop in the middle to discuss homeland security with U.S. Rep. Michael McCaul.
When it comes to health data privacy and security issues, industry experts aren't sure what to expect from Tom Price, M.D., the newly confirmed secretary of the Department of Health and Human Services. But they offer a wish list of what they hope will happen.
What do the 22 health data breaches reported in 2017 that have been added to the federal "wall of shame" tally have in common? Find out in this latest update.
Televisions that spy on their users have long been a trope of dystopian fiction, including George Orwell's "1984." But the spying TV appears to be far from fictional, according to a new settlement agreement reached between the FTC and smart-TV maker Vizio.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.