Preliminary results of our inaugural Healthcare Information Security Today survey, which is still open for participation, show that only about half of healthcare organizations have a plan in place to comply with the HITECH Act breach notification rule.
A federal proposal that would require healthcare organizations to provide patients with a report listing everyone who has electronically accessed their records needs revamping, two regulatory experts agree.
A new, free guide on Facebook security, though geared for users, details the practices chief information security officers and other organizational security practitioners should share with their staffs to assure not only safe Internet hygiene when workers access Facebook from work, but for use with other social media...
Various committees in both houses claim jurisdiction over different aspects of IT security, and intra-house squabbling can cause a bill to get lost on its way to becoming law, says Purdue University's Eugene Spafford, who closely follows the progress of cybersecurity legislation.
Ocean Bank failed to implement an effective BSA/AML Compliance Program, with internal controls "reasonably designed to detect and report money laundering and other suspicious activity in a timely manner," regulators say.
As of Aug. 22, 306 major health information breaches affecting a total of almost 11.7 million individuals were included in the official federal tally. Fourteen incidents affecting a total of about 270,000 were added since July 22.
The PCI Security Standards Council's new guidance for tokenization offers clarification and recommendations for merchants struggling to determine which tokenization solution is best, especially where compliance with the Payment Card Industry Data Security Standard is concerned.
Former FDIC head Bill Isaac says U.S. banks have strengthened their financial footing since the market collapse of 2008, but the U.S. economy remains on the verge of a "double-dip" recession. The reason: poorly planned regulatory reforms.
The team at the European Network and Information Security Agency identified 50 security threats that exist within the new web standards and sent recommendations for how they should be addressed to W3C.