Dave Forster reports: Rob Hegedus likens website and other malicious data hacks to cockroaches. “If you see one, there’s 20 you’re not seeing,” said Hegedus, the CEO of Suffolk-based cybersecurity firm Sera-Brynn. […] …. any website, no matter its size or affiliation, can wind up in the crosshairs of an attack. “The mentality of, ‘Well,…
Category: Commentaries and Analyses
It’s a Whole New Paranoid World
Delia Ephron writes: There is probably nothing about me that is not in the hands of hackers. First, JPMorgan Chase, where I have a bank account, got hacked, then Sony, where I have worked as a screenwriter, then Morgan Stanley, where I have a brokerage account, then Anthem Blue Cross, which has my medical information. Read…
California Health Care Facility Breach Statute Updated: Changes Effective Now
Paula Stannard reminds us: As a result of recent breaches – including breaches of health information and information held by health insurers – a great deal of attention has recently been focused on state data breach notification requirements. Most States have general data breach notification requirements that apply to all data breaches, including those involving…
Despite Wave Of Data Breaches, Official Says Patient Privacy Isn’t Dead
Charles Ornstein of Pro Publica talked with Jocelyn Samuels, director of OCR. You can read his interview on ProPublica.org. Pretty much everything they touched on has been discussed numerous times on PHIprivacy.net, so you may not find anything new in the interview if you were a regular reader of PHIprivacy.net, but I suppose it’s still reassuring…
OCR’s Enforcement of HIPAA’s Privacy and Security Rules Continues with Robust 2014
From the I-must-have-a-different-definition-of-‘robust’ dept.: Douglas Dahl writes: With the news of the recent cyber-attack and resulting data breach at health insurance giant Anthem Inc., the buzz around data security and privacy is again high. The Anthem breach serves as a reminder to those entities subject to the Health Insurance Portability and Accountability Act (HIPAA) that…
GAO: IRS Needs to Continue Improving Controls over Financial and Taxpayer Data
What GAO found in its new report on Information Security and the IRS: The Internal Revenue Service (IRS) made progress in implementing information security controls; however, weaknesses limit their effectiveness in protecting the confidentiality, integrity and availability of financial and sensitive taxpayer data. During fiscal year 2014, IRS continued to devote attention to securing its…