"Durbin, as it stands today, is very poor for the payments industry and the consumer, because it would lend itself to reducing fraud prevention and detection," says one banking/security leader about the controversial Durbin Amendment to Dodd-Frank banking reform.
After hearing objections from hospitals and physicians about a proposed "opt-in" approach to obtaining patient consent for health information exchange, the Maine legislature has passed a rewritten measure that spells out rules for an "opt-out" approach.
The Office of the National Coordinator for Health IT has selected the American National Standards Institute to accredit organizations that will certify electronic health records software for the HITECH Act EHR incentive program.
The executive director of a Southern California health information exchange describes a pilot project that's testing whether patient identifiers make it easier to match patients to their records from multiple organizations.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
Some organizations hesitate to involve law enforcement in their breach investigations for fear that exposing the hack would cost them their reputations and money. A Justice Department contingent tells a gathering of lawyers why that impression is wrong.
"I'd like to make sure our recommendations fit with what the FFIEC is recommending, to continue to help us mitigate risk," says Michael J. Wyffels, SVP and CTO of QCR Holdings Inc. "But the hackers seem to continue to find new ways to exploit vulnerabilities."
When a database breach occurs, consumer notification continues to be a public problem. And it's time for the federal government to step in, says Linda Foley, co-founder of the non-profit Identity Theft Resource Center.
Victimized by a hack of its SecurID authentication token that resulted in the breaches of several customers' IT systems, security maker RSA is expected to announce its first chief security officer as early as Friday.
The Health IT Policy Committee on June 8 made recommendations on a number of privacy and security issues, including the use of digital certificates by participants in the Nationwide Health Information Network initiative.