Federal advisers are considering options for reinforcing the importance of risk assessments in the rules for Stage 3 of the HITECH Act's incentive program for electronic health records.
One banking association is lobbying to have merchants held more accountable for attacks against their networks and systems that breach card data. But will their efforts convince Congress?
Malware attacks against retailers are becoming more common. Many breaches linked to these attacks could be prevented, experts say, if merchants took more steps to lock down networks and point-of-sale devices.
Organizations looking at implementing encryption should consider taking a unified approach, says Karen Scarfone, who coauthored NIST's encryption guidance. Learn about her other recommendations.
Health data breaches involving the loss or theft of unencrypted computing devices are a persistent problem, according to the most recent federal statistics. A security expert offers insights and advice.
A new report claims the Department of Veterans Affairs transmits unencrypted data, including patient records, across unsecured networks. But the VA offers a different assessment.
In notifying customers of a breach, the online archiving service Evernote might have confused some customers by sending them an e-mail that contained a clickable link to be used to reset passwords - despite warning against using such links.
The Federal Reserve confirms it's been breached. What message does this attack send to banking institutions and their vendors about the heightened urgency to implement security best practices?
While a privacy advocate is demanding federal guidance on protecting health data in the cloud, one federal official says pending HIPAA modifications will help ensure patient data is safeguarded.
The recent theft of an unencrypted laptop from a healthcare business associate offers an important reminder: Double-check the security measures vendor partners take to protect patient information.
The National Institute of Standards and Technology has issued new guidance titled "Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping," the sixth part of a series of recommendations regarding the modes of operation of block cipher.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
While some healthcare organizations are quickly rolling out privacy and security policies for employee-owned mobile devices, others are moving slowly. What BYOD tips do healthcare security leaders offer?
Two new reports re-confirm that healthcare organizations are experiencing expensive data breaches, many of which could have been prevented by taking specific steps.
A report released by Gov. Nikki Haley says the hacker obtained the password when an employee of the Department of Revenue opened an e-mail containing malicious computer code.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.