Regulators have slapped four small covered entities with HIPAA enforcement actions, including three settlements and one civil monetary penalty. The most egregious case involves an Alabama dentist who disclosed patient information for use in his unsuccessful campaign for state Senate.
Life comes at you fast, especially when you're a breached business such as Okta, which may have exposed customer data or otherwise put the businesses paying for your product at risk. Here's how after detecting the breach, Okta fumbled its response, and what others should learn from this experience.
As President Joe Biden visits Europe this week, the U.S. and the European Commission announced they have agreed in principle to a new Trans-Atlantic Data Privacy Framework. Officials say it will foster cross-border data flows and address concerns raised by the EU Court of Justice in 2020.
The number of major health data breaches posted to the federal tally so far in 2022 - and the total number of individuals affected by those breaches - has surged in recent weeks as reports of large hacking incidents continue to flow in to regulators.
Control is the lifeblood of an effective information security program, but fully locking down endpoints is impossible, not least in the open environment of a public university, says Robert Hellwig, CISO of Germany's University of Siegen. In this exclusive discussion, he recommends approaches.
The past month has been filled with action-packed virtual cybersecurity events as the enterprise community continues to deal with a myriad of cybersecurity challenges. While the topics covered were wide-ranging, ISMG analyzed two summits for common themes and shares the significant takeaways.
Two trends that have only grown over the past two years: Hybrid workforce and adoption of the zero trust architecture. Peter Newton of Fortinet shares how zero trust network access is now key to helping ensure security with workers now balancing on-premise and remote work.
The interplay between security and privacy has changed some aspects of data management and protection. Nader Henein, vice president analyst at Gartner, discusses the factors driving the nexus, how companies can take advantage of it and tips on sharing data with third parties securely.
The pandemic has raised the ante significantly for the attack surface and the level of insider threats facing healthcare sector entities, according to Dave Bailey, vice president of security services, and attorney Andrew Mahler, vice president of privacy and compliance, of consultancy CynergisTek.
On Tuesday, Ireland's Data Protection Commission imposed an $18.6 million penalty on tech firm Meta. That same day, the privacy watchdog was sued by a member of the nonprofit Irish Council for Civil Liberties over its "prolonged inaction" in the Google data breach case.
A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
A proposed class action lawsuit against a Montana-based healthcare organization after a recent hacking incident affecting 214,000 individuals - the entity's second significant breach since 2019 - alleges, among other claims, that the entity was negligent when it failed to protect sensitive data.
A healthcare services contractor agrees to pay a $933,000 settlement in a whistleblower case about alleged false claims about the security of electronic medical records of military personnel and diplomats. It is the first settlement under the Department of Justice's new Civil Cyber-Fraud Initiative.
Video game developer Ubisoft has confirmed that a cybersecurity incident caused temporary disruption to some of its games, systems and services, and the ransomware gang Lapsus$, which was behind the breaches at Samsung and Nvidia, is implying that it may have been responsible.
The $1.5 trillion fiscal 2022 spending bill approved this week by Congress provides modest funding increases - far below what was requested - for two key Department of Health and Human Services' agencies involved with the protection of health data. It is headed to President Biden for his signature.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.