A breach incident affecting patients at Stanford Hospitals & Clinics offers yet another example of the risks involved when sharing data with business associates and their subcontractors.
Alastair MacWillson says the lack of harmonization among state, national and international security laws and regulations has proved challenging for global organizations that want to work in the cloud.
As employers increasingly realize the importance of information risk management, security, audit and governance, they look to certifications to identify prospective employees.
The nation's new chief HIPAA enforcer views the protection of privacy as an important way to help ensure patients have access to care. And his passion about the issue means you can expect HIPAA enforcement efforts to intensify in the months ahead.
It's ironic that Congressional Democrats and Republicans say they're willing to compromise on cybersecurity legislation. With so much else these days in Congress, compromise is not a 10-letter, but 4-letter word.
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
All 4.9 million TRICARE military health plan beneficiaries that were affected by a recent data breach will be notified by mail, but they won't be offered free credit monitoring services.
Organizations have started achieving PCI compliance, but it's a struggle for many to maintain, says Jen Mack, director of PCI Consulting Services for Verizon.
Ineffective or noncompliant security practices of service providers, the inability of customers to examine controls, the prospect of data leakage and the loss of data if a cloud service is terminated present challenges.
Benjamin Franklin. Thomas Edison. Henry Ford. If there were a Mount Rushmore of great inventors, it wouldn't be out of line to imagine Steve Jobs' face carved into the stone.
Deputy Defense Secretary William Lynn III cautions that cuts to IT security initiatives, when they come, must be carefully applied, and certain areas must remain exempt from the budget ax, such as cybersecurity.
"Organizations are putting in layers of security and tools to safeguard information and assets, however, the fraudsters are attacking our weakest link, the consumer," says Anthony Vitale of Patelco Credit Union.
House Republicans issue their cybersecurity legislative agenda that, in many respects, parallels the goals offered by the Obama administration and Senate Democrats, but it definitely has a GOP tinge to it.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.