Tools and techniques need to be identified to aid law enforcement in gathering evidence from devices, such as smartphones, while safeguarding the security and privacy of individuals. Can stakeholders find that middle ground?
The recent surge in ransomware attacks on hospitals has at least one member of Congress contemplating whether HIPAA's breach notification requirements need to be clarified or updated to reflect the trend.
PCI DSS 3.1 is scheduled to become effective as of June 30, 2016, and with that comes several changes - and challenges for security professionals. In an interview, Dell's Tim Brown discusses why network security is instrumental to ultimately meeting PCI DSS 3.1.
The FBI has successfully retrieved data off the iPhone used by one of the San Bernardino shooters and is withdrawing its motion to have a federal court order Apple to help the government unlock the phone. A federal law enforcement official declines to characterize the information discovered on the device.
Now that the Department of Health and Human Services has announced that it will soon begin the next round of HIPAA compliance audits, organizations need to take specific steps to prepare in case they're chosen for scrutiny, says attorney Robert Belfort, a regulatory specialist.
Will the Fed support the use of cryptocurrency and related blockchain technology to help push the movement to faster payments? Experts at ISMG's Fraud and Data Breach Prevention Summit in San Francisco last week considered the possibilities.
Despite the recent move to put the FBI-obtained court order against Apple on hold, the crypto debate is far from over, said a panel of law enforcement, legal and industry experts at Information Security Media Group's Fraud and Breach Prevention Summit in San Francisco.
Neither the FBI nor Apple looks good in the days following the postponement of a hearing on whether Apple should be forced to help the bureau crack open the iPhone of one of the San Bernardino shooters. The FBI's credibility is being questioned as Apple's security technology is being tarnished.
HHS says it has launched "phase two" of its HIPAA compliance audit program, portraying this as another interim step toward a permanent program. But will Congress ever approve enough funding to ramp up audits?
The PCI Security Standards Council envisions a single, globally-unified data security standard. Now that the European Card Payment Association is a strategic regional member, that goal is significantly closer, says Jeremy King, the council's international director.
In its second HIPAA settlement revealed this week, federal regulators smacked a New York-based medical research institute with a multimillion dollar penalty after investigating a breach tied to the theft of an unencrypted laptop containing data on several thousand patients and participants in a research project.
Federal regulators have imposed a $1.55 million penalty on a Minnesota healthcare system as part of a settlement following an investigation of a breach involving a business associate. The vendor has already been sanctioned by two other government entities for the same stolen laptop incident.
Although most breach-related class action lawsuits fail, a multimillion dollar settlement of a suit stemming from a data breach at St. Joseph Health System in California illustrates how egregious breaches can have serious financial consequences.
Growing worries about the use of the U.S. financial system to launder funds for terrorists has spurred proposals for new state and federal regulations aimed at tightening money-laundering controls. Attorney Lauren Resnick explains steps banks are taking to help detect suspicious activity.
A new report suggests that a Chinese cyber espionage APT attack group is behind a string of targeted ransomware infections that have slammed U.S. firms. Dig into the details, however, and the report is nothing but speculation, two security experts caution.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.