A U.S. federal jury found Joe Sullivan, former chief security officer of Uber, guilty of covering up a 2016 data breach that exposed the personal information of tens of millions of account holders. The trial was a landmark, likely marking the first time a chief security officer has faced criminal charges over an...
At the onset of the novel coronavirus public health emergency, regulators said they would not enforce certain potential HIPAA violations involving telehealth. But with that 2020 policy still in play, patients need to be better informed of telehealth's privacy and security risks.
The steady barrage of acquisition reports around publicly traded digital experience vendor Akamai has intensified in recent weeks. The latest salvo landed Monday when StreetInsider reported that the intelligent edge platform provider held talks with a private equity firm about a potential takeover.
A Maryland couple faces federal indictment for an alleged conspiracy to provide the Russian government with military medical records. Anna Gabrielian and U.S. Army Maj. Jamie Lee Henry supplied an undercover FBI agent with medical records of military personnel.
In the latest weekly update, ISMG editors discuss how organizations can comply with the new PCI DSS 4.0 requirements, whether other countries should follow the U.S. lead on legislating software bills of materials, and key strategies for CISOs preparing for an economic downturn.
African nations have long sought common cybersecurity and privacy laws to facilitate e-commerce across the continent, but of the 55 countries that signed the convention in 2014, so far only 13 have enacted laws. Lucien Pierce of PPM Attorneys explains why it's a complex, time-consuming process.
"It's stupid and adds zero value," writes Ian Keller, director of security at a telecom company, about connecting hospital networks - and especially life-sustaining information - to the internet. He encourages CISOs to be socially responsible about their moral obligation to patients.
Healthcare providers and their health IT vendors need more time to meet a pending federal deadline to comply with information-sharing regulations that pertain to an expanding set of electronic health information, say a slew of heavyweight lobbying groups in a letter to federal regulators.
California Gov. Gavin Newsom on Tuesday signed into law two bills containing privacy protections for information related to reproductive health and abortion, in the wake of the Supreme Court's ruling overturning Roe v. Wade. Other states may follow suit.
A congressional deal will ensure the U.S. Food and Drug Administration can continue collecting fees from medical device manufacturers but at the price of dropping increased cybersecurity mandates for the industry. Requiring manufacturers to patch devices had bipartisan support.
Earlier this year, the PCI Security Standards Council issued version 4.0 of PCI DSS. Two experts from Verizon, Ferdinand Delos Santos and Rokon Zaman, discuss the new requirements of the regulations and strategies for implementing them to reduce risk and improve an organization’s overall security.
Should the now-former CSO of Uber have reported a security incident to authorities after discovering signs of unusual behavior? That's one of the big questions now being asked in the closely watched trial of Joe Sullivan, who's been charged with covering up a data breach and paying off hackers.
Credit card giant Capital One is moving past its 2019 hacking incident as federal regulators stop requiring quarterly updates on efforts to improve cybersecurity and a federal judge signs off on a $190 million settlement in a proposed class action lawsuit.
Errol Weiss, chief security officer of Health-ISAC for the past three years, watched the healthcare sector undergo a historic revolution in the digital delivery of services to patients. Also in that time, the attack surface grew exponentially. How can entities best defend it?
Recent hacking incidents involving an emergency medical transport company and a firm that provides billing services to ambulance companies underscore how protected health information is subject to risk and oversight alike before a patient even steps into a hospital.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.