Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, a big increase in e-commerce fraud and Yahoo's costly breach.
In this edition of the ISMG Security Report: an analysis of a major fine against a Texas hospital and its implications for how the Trump administration might enforce HIPAA rules. Also, an IRS-related phishing scheme targets businesses.
In this edition of the ISMG Report: An FTC complaint filed against a camera manufacturer could signal the start of a trend to regulate IoT security. Also, Donald Trump adviser Rudolph Giuliani's cybersecurity credentials are questioned, and a terrorist shooting prompts new privacy guidance.
The transition to a new presidential administration makes forecasting for HIPAA enforcement activity in 2017 difficult, says privacy attorney David Holtzman of the consultancy Cynergistek, who sizes up what the HHS Office for Civil Rights might do this year.
Healthcare entities must perform security due diligence when they consider introducing emerging technologies - including "internet of things" devices - into their environments, says attorney Stephen Wu, author of a new book on HIPAA compliance.
An analysis of how the Donald Trump administration will address health IT security and privacy leads the latest edition of the ISMG Security Report. Also, the ramifications of a big breach, and an FBI agent tackles ransomware.
What are the critical elements of developing a "wartime" mindset to deal with serious cyber threats facing the healthcare sector? Find out how presenters and attendees answered this question at ISMG's Healthcare Security Summit.
Federal regulators will be kicking off remote HIPAA compliance "desk audits" of business associates next month and more comprehensive onsite audits of both covered entities and BAs early next year. Learn more about what's next for the audit program.
Intellectual property and protected health information are both extremely valuable to cybercriminals, which is why hackers are increasingly targeting healthcare organizations. Increasingly, patients, providers, pharmaceutical companies and others are relying heavily on mobile devices to exchange sensitive information,...
The hack of health insurer Anthem exposes data on 80 million Americans. A breach of an electronic health records vendor affects dozens of clinics. A California hospital pays a ransom to get data decrypted by hackers. These and other headline-grabbing breaches are getting the attention of CEOs and boards of directors....
In the on-prem world, companies needed experts for each major area of IT provenance: hardware, networking, systems administration, security, operating systems, virtualization, workload balancing, data integration, data cleansing and quality, and then all the function-specific applications that drive everyday business...
Members of Congress have sent a letter to federal regulators saying that because ransomware attacks are "different" from other breaches in the healthcare sector, there's a need for new recommendations in upcoming government guidance.
In the first HIPAA enforcement action against a business associate, federal regulators have smacked a nonprofit organization with a $650,000 penalty following an investigation into a 2014 security incident affecting just 412 patients.
The $940 billion compensation awarded to Epic Systems in its case against Indian IT major TCS is unprecedented - shaking the industry out of its complacency about information security. Cyber law expert "Naavi" takes a close look at the implications for India.
Achieving HIPAA compliance is a journey, not a destination. The regulatory landscape is constantly changing, resources are stretched beyond capacity, disparate systems make it difficult to assess and remediate gaps, and the sophistication of cybercriminals is accelerating faster than most healthcare organizations can...