Healthcare

PCI-DSS: Not on health care provider's radar

Jim Lacy, CFO, ZirMed June 19, 2009

In 2009, virtually all health care providers take credit cards - and virtually none of them are PCI compliant.
 

Virginia notifies breach victims

Dan Kaplan June 05, 2009

The Virginia Department of Health Professions this week began notifying about 530,000 people whose Social Security number was part of records that may have been exposed when hackers gained access to the agency's Prescription Monitoring Program database. The agency learned of the compromise when it received letters that the culprits were demanding a $10 million ransom be paid, or they would release some eight million patient records. State officials still are unsure what information may be at risk but said they are sending the letters as a precaution. — DK
 

Octomom's hospital fined

Angela Moscaritolo May 15, 2009

California health officials have fined Kaiser Permanente Hospital $250,000 after hospital employees illegally accessed medical records for octuplet mother Nadya Suleman. Hospital spokesman Jim Anderson told the Associated Press the state found that the hospital did not do enough to prevent the privacy breach. The hospital did, however warn workers to stay away from Suleman's files. — AM
 

Hackers seek payment after break-in on state health care site

Dan Kaplan May 05, 2009

Security experts remain puzzled how hackers orchestrated their compromise of a Virginia state health care website.
 

Former IT head admits guilt

Dan Kaplan May 01, 2009

The former IT director at the Houston-based LifeGift Organ Donation Center has pleaded guilty to charges she illegally accessed the organization's network to delete data, according to a U.S. Department of Justice news release on Thursday. Danielle Duann, 51, remotely accessed the network from her home, two days after she was fired in November 2005. She deleted a number of files, applications and backups related to LifeGift's organ and tissue procurement operation, causing $94,200 in damage. She is scheduled to be sentenced in July and faces up to 10 years in prison. — DK
 

Swine flu cases cause outbreak of fraud on internet

Dan Kaplan April 27, 2009

Reports of swine flu in Mexico and the United States has caused an outbreak of its own on the internet, with reports of a precipitous rise in spam and rogue internet sites being created to reference the hot news item.
 

How the recession is affecting IT spending

Angela Moscaritolo April 20, 2009

Despite the financial crisis, companies are still putting forth money for IT security efforts while overall IT spending is less of a priority, according to a new survey conducted by strategy and business advisory firm MetroSITE Group, and Pacific Crest Securities, a technology investment bank.
 

Corporate users increasingly skirt security infrastructures

Angela Moscaritolo April 16, 2009

In a recent assessment, organizations had an average of 156 applications traversing their networks -- some of which pose a danger to the organization.
 

Pharmacy hackers busted in Romania

Dan Kaplan April 14, 2009

Romanian authorities, in cooperation with the FBI, have nabbed five people accused of stealing credit card information from U.S. pharmaceutical firms.
 

Octomom's hospital records accessed, 15 workers fired

Angela Moscaritolo March 31, 2009

Kaiser Permanente Bellflower Medical Center recently fired 15 hospital workers for accessing the medical records of octuplet mother Nadia Suleman without permission.
 

Group unveils first-of-its-kind standard to secure patient data

Dan Kaplan March 02, 2009

An unprecedented health care common security framework seeks to raise patient trust, while enabling organizations to more effectively meet compliance mandates -- especially as they move toward electronic records.
 

Comprehensive health care security with ISO 27001

Brian Wolfe, partner, Laurus Technologies February 24, 2009

Now that that the stimulus package has passed, health care information security moves from an objection to a requirement. There is growing acceptance that, like it or not, electronic medical records will play a more important role in health-care service delivery.
 

CVS to pay $2.25 million to settle HIPAA violation

Dan Kaplan February 18, 2009

CVS Caremark has agreed to pay nearly $2.3 million for violating federal privacy laws regarding the protection of patient information.
 

Medical data leakage rampant on P2P networks

Angela Moscaritolo February 11, 2009

The risk of patient information disclosures on peer-to-peer networks is much higher than if a health care worker loses a laptop or removable storage device, according to new Dartmouth College research.
 

Don't blame the employees for peeping: Organizations are at fault for poor access governance

Brian Cleary vice president of products and marketing, Aveksa February 09, 2009

Some employees are taking advantage of access policy gaps without realizing they are breaking privacy laws.
 

A call to revamp HIPAA

Chuck Miller February 04, 2009

Protecting patient privacy during health-related research should be controlled separately from HIPAA regulations, according to a new Institute of Medicine report.
 

Annual study reveals cost of a data breach keeps climbing

Dan Kaplan February 02, 2009

The cost of a data breach rose to a new record in 2008, according to the fourth annual Ponemon Institute study.
 

Stimulus bill includes protection for digital health care records

Dan Kaplan January 30, 2009

The $818 billion economic stimulus bill that the U.S. House passed this week includes security and privacy controls regulating the digitization of patient health records.
 

CASE STUDY: phion airlock in use at Herba Chemosan

January 27, 2009

A pharmacist wholesaler in Austria modernized its distribution systems and found protection for its network.
 

HIPAA: Getting in tune

Greg Masters January 15, 2009

The heat has been turned up for those charged with bringing their institutions into HIPAA compliance, reports Greg Masters.
 

EHR security and privacy

Keith Hamilton, senior consultant, Concordant January 15, 2009

A well-planned security program saves health care companies more than money.
 

Data breaches rose dramatically during 2008

Chuck Miller January 06, 2009

Breaches continue to plague organizations, despite more widespread education on safe information handling, as well as new laws and regulations, according to a nonprofit.
 

Fending off network attacks

Greg Masters December 23, 2008

With attackers shifting their focus to applications, the IT team at University of Miami, Miller School of Medicine, decided it was time to upgrade the school's intrusion prevention solution, reports Greg Masters.
 

IT-GRC: Agiliance

Peter Stephenson December 03, 2008

And so we reach the end of this year's batch of innovators. But, as we look at this subcategory, we find that it wraps the whole shebang into a neat package, defining what needs to be done to secure the enterprise (and prove it) and why.
 

Policy management: LanDesk (Avocent)

Peter Stephenson December 03, 2008

All of us old-timers remember LanDesk from its days as part of Intel. It always was a solid suite of products. Now that it is part of Avocent, its promise as a hybrid of network and security policy management is being realized. The notion of managing the desktop and evolving that into security policy management makes a lot of sense.
 

Content management: Finjan

Peter Stephenson December 03, 2008

The views of the visionary I spoke with from this veteran anti-malware company took the conversation in directions I had not expected. He started out by asking, "Why, if I have done everything I can to secure my enterprise, is my data still being compromised?"
 

Data leakage/extrusion prevention: Trend Micro

Peter Stephenson December 03, 2008

I don't recall the first time I heard the term "extrusion prevention system." It was, I think, an effort on the part of some marketer to tie the notion of preventing data from unauthorized exit (extrusion) from the enterprise to the notion of unauthorized entry (intrusion). Very clever.
 

Encryption: PGP

Peter Stephenson December 03, 2008

No matter how much things change, they stay the same. As I have pointed out, there have been massive changes in security drivers over the past 12 months. The changes have generated a new set of challenges, but, even though our encryption innovator has done a first-rate job of addressing them over the past year, the new issues are generating a sort of déjà vu picture of the encryption market.
 

Email security: Tumbleweed Communications (Axway)

Peter Stephenson December 03, 2008

The big question I had for Tumbleweed was, "What is email security?" Over the past two years, as we have passed products through SC Labs, I have noticed that the vendor public relations folks who we talk to seem to have a hard time differentiating between the many aspects of threats associated with email.
 

Wireless Security: AirMagnet

Peter Stephenson December 03, 2008

Wireless, is it? Everything is going wireless - well almost everything. That, in itself, poses a challenge for a wireless security company, such as this innovator. It also offers big opportunities and AirMagnet has identified and addressed them.
 

Latest News

« Previous
Next »
Popular Topics
Analyst Reports & Industry Surveys Anti Spam Anti Virus Application Security Breaches & Exposures Browser Flaws Browsers And Security CAN-SPAM Act Compliance Data Loss Prevention Data Theft Security DDoS Endpoint Protection External Threats Facebook Government Industry Surveys Lawbreakers & Cybercrime Malware Privacy Social Networks Spam Spam Techniques Trojans Vulnerabilities & Flaws