Two rules proposed by federal regulators could provide significant help to strengthen cybersecurity in the healthcare ecosystem, says regulatory attorney Julie Kass of the law firm Baker Donelson.
An unsecure database belonging to PayMyTab, a company that provides U.S. restaurants with mobile payment apps and devices, left payment card and other customer data exposed, according to a new report from two independent security researchers.
Two recent reports issued by separate watchdog agencies spotlight data privacy and security challenges at the Department of Veterans Affairs. What were the critical concerns?
The Australian Parliament's computer network was compromised in January after politicians browsed a legitimate website that was compromised. The watering-hole style attack resulted in a small amount of non-sensitive data being revealed, according to the leader of the Senate.
Senator Mark Warner, D-Va., is scrutinizing the Department of Health and Human Services' Office for Civil Rights' response to the recent discovery by German researchers of millions of patients' medical image files being exposed on the internet - including by a U.S. company.
Organizations should develop a comprehensive strategy for managing third-party security risks and avoid over-reliance on any one tool, such as vendor security risk assessment, monitoring or ratings services, says analyst Jie Zhang of Gartner.
Currently employed technologies don't provide a complete, real-time view of cybersecurity risk. Instead, they leave security teams with point-in-time assessments that require them to cobble together data from disparate systems to truly understand the organization's security posture.
A new approach is needed that...
A survey of more than 200 security leaders has shown that enterprise security teams spend an average of 36% of their time manually producing reports, yet 89% of these organisations have concerns on lack of visibility and insight into trusted data.
The need of the hour is to unify security and IT data from different...
Federal regulators have slapped two more organizations with hefty HIPAA enforcement fines. They also announced increases to future HIPAA civil monetary penalties to adjust for inflation - a move some observers say could create confusion and uncertainty, given an earlier announcement about cutting penalties.
Many HIPAA enforcement actions taken by federal regulators have chastised organizations for their poor security risk assessments. In light of this ongoing challenge, HHS has released an updated version of its security risk assessment tool, which includes improved asset and vendor risk management features.
Sen. Maggie Hassan, D-N.H., is demanding that the U.S. Government Accountability Office review how the Department of Homeland Security shares personal data with contractors following several recent security incidents in which such information was exposed.
The National Cyber Security Center, the U.K.'s national computer emergency response team, investigated 658 serious cybersecurity incidents in a 12-month period and supported nearly 900 victim organizations - most of whom learned they had fallen victim after being alerted by the center.
Inadequately protected shared network storage devices at a Department of Veterans Affairs regional office left veterans' personal and health information vulnerable to ID theft, fraud and other compromises, according to a new report. Security experts say this kind of security lapse is common in other sectors.
The State Department's years-long review of former Secretary Hillary Clinton's use of a private email server found that although 38 current or former department officials violated government security policies, there was no "persuasive evidence of systemic, deliberate mishandling of classified information."
As the supply chain in the healthcare sector becomes increasingly complex, so do the cybersecurity risks and threats. New guidance aims to help healthcare organizations better address these challenges, says Darren Vianueva, who co-chaired an industry task force that developed the guidance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
