News about recent healthcare information breaches offers an important reminder: Monitoring the privacy and security procedures of your business associates should be a vital component of any breach prevention strategy.
The breach earlier this month of certificate authority DigiNotar could prove to be the worst security event ever to happen on the Internet because it threatens, at its core, a fundamental principle of Internet transactions - economic and social - trust.
A new report to Congress about major healthcare information breaches shows that federal officials have yet to complete their investigations of corrective actions taken in the wake of 70 percent of incidents.
Preliminary results of our inaugural Healthcare Information Security Today survey, which is still open for participation, show that only about half of healthcare organizations have a plan in place to comply with the HITECH Act breach notification rule.
"The timing and the targets point to China," says cybersecurity policy expert James Lewis. "Spying right before the Beijing Olympics and focusing on Southeast Asia reflects China's larger interests more than those of any other country."
Organizations taking proper preventative measures realize a cost savings of nearly 25 percent over those that don't, an analysis of a survey sponsored by Hewlett-Packard reveals. Still, the study shows, it takes longer to resolve cyberattacks than it did a year ago.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
Recent hacks have uncovered security vulnerabilities that should have been addressed years ago. "These attacks are going to escalate," says Josh Corman of The 451 Group. But organizations can implement basic steps to make the hackers' job harder.