The settlement of a class action lawsuit against AvMed, a health plan company, stemming from a 2009 data breach, is significant because it awards payments to those who were not victims of identity theft.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
Bill Stewart, a privacy and security expert at medical device manufacturer Philips Healthcare, offers an explanation of when hospitals should apply software patches to devices on their own and when they should work with the supplier.
New social networking technology being piloted at more than two dozen healthcare organizations, including Cedars-Sinai Health System, is designed for secure collaboration among healthcare professionals.
A class action suit has been filed against Advocate Medical Group following the theft of four unencrypted computers that may have exposed data on 4 million patients. Learn more about the allegations the lawsuit makes.
Lee Kim, the new director of privacy and security at HIMSS, says keeping track of where sensitive data is located, detecting breaches and dealing with insider threats are among the most critical issues.
Improper disposal of protected health information poses significant risks, as recent breach incidents demonstrate. That's why organizations need to do a better job vetting disposal companies and verifying that data or devices are actually destroyed.
How is one of the nation's top 20 bank holding companies fighting fraud? Find out directly from Matthew Speare, Senior Vice President of Information Technology for M&T Bank Corporation, as he spends an hour taking your questions about a variety of banking fraud topics, including:
Account takeover trends and the...
Healthcare organizations aren't performing enough analysis of user behavior to detect possible insider threats, says security consultant Mac McMillan, who outlines the importance of auditing for abnormalities.
With promises of ramped up HIPAA enforcement by federal regulators, and changes in the breach notification rule under the HIPAA Omnibus Rule, it's time for organizations to get serious about insider risks.