What should healthcare entities and business associates expect when faced with a data breach investigation or compliance audit by federal regulators? Attorney Marti Arvin discusses the do's and don'ts.
An increase in unemployment isn't always a bad sign. It could reflect that more people are entering the workforce and looking for work, but have yet to land jobs. Could that be happening with IT security practitioners?
The Department of Health and Human Services is making progress in building its new team to lead IT-related efforts, including addressing health data privacy and security matters. Among the appointments: Donald Rucker, M.D., is the new national coordinator for health IT.
More than 60,000 servers running Microsoft's out-of-support IIS 6.0 server software may be vulnerable to a newly revealed zero-day exploit. No patch will be produced, but a workaround can blunt an attack.
Microsoft's docs.com service has been an open window to viewing people's personal data. The company appears to have taken some steps to contain the exposure, but those watching closely say sensitive data can still be found via search engines.
Like many other inventions now common in modern life, distributed cybercrime may seem trivial today. But this concept emerged little more than a decade ago and has already dominated the threat landscape.
The Trump administration has named Roger Severino as the new director of the Department of Health and Human Services' Office for Civil Rights, which enforces HIPAA and protects patients rights. Meanwhile, it remains unclear who will lead the Office of the National Coordinator for Health IT.
Under HIPAA, the theft or loss of encrypted computing or storage devices is not considered a reportable data breach. But a recent incident at a Kentucky-based healthcare organization demonstrates that making a determination on whether an incident is a reportable breach isn't always clear-cut.
Several recent health data security incidents serve as reminders of why healthcare entities need to stay focused on efforts to prevent and detect insider breaches, even as attention is diverted by headlines about hacker attacks.
Britain's GCHQ intelligence agency dismissed as "utterly ridiculous" claims that it conducted surveillance on then-candidate Donald Trump at the request of President Obama. The White House reportedly apologized to the British government for its comments.
The Trump administration has called for trimming the budget for the Department of Health and Human Services by 18 percent. But what do we know so far about proposed funding for HHS initiatives designed to help ensure health data security and privacy?
Little by little, the Trump administration is filling key leadership positions in the Department of Health and Human Services that can have an impact on privacy and security issues. Could these new leaders make big changes?
An important theme that emerges from the HHS Office for Civil Rights' dozens of HIPAA settlements is that all aspects of compliance are critical and subject to close scrutiny by federal regulators, says former OCR director Leon Rodriguez.
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.