Patrick Benoit, a seasoned security leader and CyberEdBoard member, advises security leaders to lead by example and not worry about showing any of their own vulnerabilities, not least when they make a mistake. "It's OK to fail or misstep … That's what makes you a stronger leader," he said.
Federal regulators have fined a Catholic healthcare system $35,581 for HIPAA violations requiring a corrective action plan after the Pennsylvania provider impermissibly disclosed a female patient's reproductive health and other sensitive information to a prospective employer.
A U.S. federal appeals court ruled that the U.S. Department of Treasury exceeded its authority by sanctioning Tornado Cash, a cryptocurrency mixing service used by North Korean hackers to launder more than $455 million. Smart contracts "are not capable of being owned," the court ruled.
The U.S. Department of Health and Human Services' Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their cybersecurity risk.
An Illinois gastroenterology practice and a California pulmonary practice are among the latest medical specialty groups targeted by cybercriminals who claim to have their patients' sensitive health information. Attacks on such specialty healthcare practices appear to be rising, some experts said.
Russian-based cybercrime gang BianLian has continued to thrive since shifting from using double extortion strategies to primarily data theft last year. BianLian is the third most active ransomware gang with a penchant for healthcare, and authorities are warning that the group has adopted new TTPs.
British lawmakers sought assurances Tuesday from the U.K. government that proposed data use reform legislation will not cause the country to lose its data-sharing rights with the European Union. Lawmakers also warned about potential AI risks arising from the bill.
The U.S. Department of Health and Human Services needs to take important actions to do a better job of carrying out its duties as the lead federal agency responsible for strengthening cybersecurity in the healthcare and public health sector, said a new federal watchdog agency report.
The Justice Department has seized PopeyeTools, a notorious cybercrime marketplace, while announcing criminal charges for three alleged operators behind the website, which generated over $1.7 million in revenue, according to a Wednesday announcement.
Nightwing CEO John DeSimone reveals how the company’s independence from Raytheon allows it to better serve customers, invest in intelligence, advanced AI and data solutions, address sophisticated cyberthreats, and maintain a no-fail mission approach in the face of rising security threats.
Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic. The case is the U.S. government's 51st HIPAA patient right-of-access enforcement action.
India's Competition Commission has fined social media conglomerate Meta over $25 million for forcing WhatsApp users to agree to a sweeping data sharing policy with other Meta platforms. The agency ordered the company to stop using users' data for online advertising on other Meta platforms.
An Oklahoma hospital quickly restored its IT systems after a ransomware attack in September, but the 62-bed hospital could not recover some data and later learned that hackers may have accessed the personal information of 133,000 people. The attack is the latest involving a small rural hospital.
In 2025, companies in China will face additional obligations when data protection audits become mandatory, setting a new benchmark for compliance with privacy laws. China is also expected to introduce regulations on non-personal data to establish a framework for ethical and secure data usage.
The Consumer Financial Protection Bureau's open banking ruling shifts liability burdens onto banks, amplifying their responsibilities for securing data shared with third-party fintechs. John Horn at Datos Insights explains the potential for third-party breaches.