News about recent healthcare information breaches offers an important reminder: Monitoring the privacy and security procedures of your business associates should be a vital component of any breach prevention strategy.
The breach earlier this month of certificate authority DigiNotar could prove to be the worst security event ever to happen on the Internet because it threatens, at its core, a fundamental principle of Internet transactions - economic and social - trust.
Facial recognition technology could prove to be an effective way to authenticate individuals seeking entry to secured buildings or databases storing sensitive information. But the biometric technology already is being abused, and IT security managers employing facial recognition should be careful to encrypt the...
Trust has been a murky trait on the Internet since its inception. Remember the New Yorker cartoon? A dog, sitting by a PC, says: "On the Internet, nobody knows you're a dog." It's hard to trust what you see on the Net. That's more true today than ever.
It is no longer enough for information security professionals to secure critical information. They also need to be asking about the legitimacy of where this information comes from, says John Colley, managing director of (ISC)2 in EMEA.
"Consumer notification is often hampered by the fact that companies must first determine their obligations under 47 different state regimes," says Rep. Mary Bono Mack, R-Calif., the subcommittee's chair and bill's sponsor.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
No one is really sure when the FFIEC's new authentication guidance will be issued, but we do know banking institutions can't afford to wait. Hence, our new FFIEC Authentication Guidance Resource Center.
"Overall, this draft is not balanced," Rep. Henry Waxman, D-Calif., said at a hearing on the measure "It gives businesses too many protections and consumers not enough. It preempts strong state laws and replaces them with a weak federal one."
If you need one more reason to take additional steps to prevent health information breaches, here's something to consider. An attorney argues that if breaches, and their high costs, are not brought under control, "I think where we are headed is to an insurance crisis."
Revelations that Google's Gmail and Sony Pictures were both targeted by hackers highlights growing concerns about cybersecurity and the sophistication - and frequency - of attacks, as well as how to keep the public informed about such incidents.