With the announcement of a breach affecting 4.9 million patients in the Defense Department's TRICARE healthcare program, there have now been five incidents that each affected at least 1 million individuals since the HIPAA breach notification rule took effect.
It's been well over a year since the passage of the Dodd-Frank Wall Street Reform and Consumer Protection Act. How should banking institutions prepare for the hundreds of new regulations expected to come as a result of this landmark legislation?
The Department of Homeland Security becomes the first federal agency to award a task order using a General Services Administration's blanket purchase agreement for an infrastructure-as-a-service, cloud-computing offering, says GSA Assistant Commissioner Mary Davie.
Melissa Hathaway doubts Congress will enact a cybersecurity law. "I fear we will continue to watch the bills 'sit here and wait, while a few key congressmen sit and debate. It's not easy to become a law," she writes, citing a kid's jingle.
Only one of three national breach notification bills that won approval in the Senate Judiciary Committee last week would address a gap in protections for healthcare information, says Harley Geiger of the Center for Democracy & Technology.
Federal authorities deserve credit for adding privacy and security details to the final version of the Federal Health IT Strategic Plan, several observers say. But some still believe the document doesn't go far enough in spelling out specific action steps and priorities.
Former CIA lawyer and senior congressional staffer Suzanne Spaulding will assume the Federal Protective Service, Infrastructure Protection, Risk Management and U.S.-Visit portfolios. Current Acting Deputy Undersecretary Greg Schaffer will oversee cybersecurity.
As smartphone usage grows, so do emerging threats of mobile malware. When it comes to mobile banking security, financial institutions can only do so much. Security solutions will have to come from mobile vendors, says ENISA's Giles Hogben.