Did Massachusetts' first registered medical marijuana dispensary break federal or state privacy regulations by accidentally sharing patients' email addresses? Experts explain that ... well, the answer is a little hazy.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
A new report says the Department of Health and Human Services has several security weaknesses that may have contributed to five recent data breaches. But are other healthcare entities guilty of the same mistakes?
The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
With so much stolen PII available to fraudsters, it's time for banks and others to move to more sophisticated forms of authentication of customers' identities. Knowledge-based authentication is no longer reliable.
Federal regulators have slapped a Boston area hospital with a $218,000 HIPAA penalty after an investigation following two security incidents. Experts analyze the lessons that the settlement agreement offers.
The U.S. House has passed a bill aimed at accelerating the advancement of medical innovation that contains a controversial provision calling for significant changes to the HIPAA Privacy Rule.
Covered entities find it difficult to prevent unauthorized access to patient data by members of their staffs. Preventing breaches involving insiders at business associates can be even trickier, as an incident affecting Meritus Health illustrates.
As federal lawmakers return this week from their Independence Day recess, Congress picks up where it left off before the break: holding hearings on the Office of Personnel Management breach that exposed the personal records of millions of government workers.
President Obama proposes spending more money on cybersecurity, replacing government agencies' antiquated, unsecured systems. But what really needs to be done to thwart breaches, like the hack attack against the Office of Personnel Management?
Recent breaches and regulatory audits have sharpened the focus on third-party risks. How are healthcare entities tackling this critical topic of business associate management? Attorney David Szabo shares insights.
A former hospital CFO has been sentenced to 23 months in federal prison for submitting false documents so a medical center could receive payments under the HITECH Act electronic health records financial incentive program.
The Office of Personnel Management data breach is merely a symptom of a much larger problem across all federal government executive branch agencies, and it's not going away anytime soon.
Well-known health data privacy expert and federal adviser Deven McGraw is joining the Department of Health and Human Services' Office for Civil Rights as its new deputy director for health information privacy, heading its HIPAA enforcement efforts.
Forget attributions of the German parliament malware outbreak to Russia, or Chancellor Angela Merkel's office being "ground zero." The real takeaway is the Bundestag's apparent lack of effective defenses or a breach-response plan.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.