In the 13th HIPAA enforcement action this year, federal regulators have slapped the University of Massachusetts Amherst with a $650,000 financial settlement and corrective action plan after investigating a relatively small 2013 breach involving a malware infection at a campus speech and language center.
Vulnerable firmware has been highlighted again in a range of low-cost Android phones, raising concerns over their security. This latest incident comes 11 months after security analysts first raised flags.
Adobe will pay a small financial penalty to 15 states to resolve consumer protection and privacy claims following a data breach that affected 38 million active user accounts. The company's legal fees associated with the incident are likely far higher than the settlement amount, experts say.
If President-elect Donald Trump fulfills a campaign promise to repeal Obamacare - which could result in the dismantling of HealthCare.gov and state health insurance exchanges - great caution will be needed to protect the data of millions of consumers contained in those systems.
Prolific hacker Samy Kamkar's latest creation shows how even locked computers can be hacked quite easily, providing further justification for security leaders to block users' computer USB ports.
Last month, the FFIEC issued an FAQ about its Cybersecurity Assessment Tool, reiterating that use of the tool is voluntary. But some critics say regulators are still questioning institutions about their use of the tool during IT examinations, meaning its use is not truly voluntary.
Most - but not all - ransomware attacks against healthcare organizations are reportable breaches requiring notification to affected individuals and federal regulators, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains in this video interview.
An analysis of how the Donald Trump administration will address health IT security and privacy leads the latest edition of the ISMG Security Report. Also, the ramifications of a big breach, and an FBI agent tackles ransomware.
Western experts evaluating China's new cybersecurity law contend it will do very little to safeguard information but will erode privacy rights and make it harder for foreign enterprises to do business in China.
The success of Operation SAMBRE, a global cybercrime investigation into the theft of billions of dollars from banks throughout the world, proves why information sharing between law enforcement and the private sector is key to battling cybercrime.
A federal court of appeals has granted a temporary "stay," or delay, in implementing the FTC's consent order against LabMD while the now-shuttered cancer testing laboratory pursues its appeal of the commission's July ruling in the dispute over the lab's information security practices.
Yahoo in 2014 spotted that an attacker - later revealed to have compromised 500 million accounts - was inside its network, according to a new SEC filing. With Yahoo's $4.8 billion sale to Verizon still pending, the admission adds to the search giant's complications.
A group that hacked the Democratic National Committee - believed to be operating from Russia - has resumed its spear-phishing attacks, including fake emails bearing the names of Harvard University and the Clinton Foundation.
A bill in New Zealand's parliament strives to clear up what the government contends is ambiguity in laws governing its spy agencies, but worries abound that the legislation is too broad.
What impact will the transition to a Donald Trump administration have on HIPAA enforcement and other healthcare privacy and security regulatory activity? Experts offer their predictions.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.