Birth dates and Social Security numbers for 1,000 Orange County Sanitation District retirees were accessed in a phishing scheme, the district confirmed Monday.District retirees, former employees and board members were being notified of the data breach in the utilitys deferred compensation plan, which occurred in December after a file at NFP Corp. was accessed via
Improve Disclosures and ControlsWith threats of nation-states infiltrating supply chains and landmark laws being passed, cybersecurity and privacy are critical aspects of director oversight. Recent court decisions and speeches from the SEC have made it clear that directors are not able to delegate cybersecurity oversight: directors each have the responsibility to personally understand cybersecurity risk
In a summary report issued Wednesday, the HHS Office of Inspector General highlighted several security controls that need improvement across eight HHS operating divisions. The weaknesses included configuration management, access control, data input controls and software patching, the report notes. Similar concerns have been raised in previous OIG reports.The OIG report is based on findings
The incident highlights the difficulty some organizations have in determining whether to report ransomware attacks as breaches to comply with the HIPAA Breach Notification Rule.More than 600,000 Michigan residents may have had their information compromised in the breach at Detroit-based Wolverine Solutions Group, according to a statement from Michigan Attorney General Dana Nessel and Anita
A lot of attention is focused on network access security; it can be easy to overlook the vulnerability of data at the edge. We hear a lot about cybersecurity breaches in the news, but were not always told the cause. The business or organization involved is rarely forthcoming with insight about breach scope and exposure.
Agencies that would see a boost in cybersecurity-related funding under the proposed budget for the fiscal year that starts Oct. 1 include the Department of Defense and the Department of Energy, as well as the Food and Drug Administration.But two Department of Health and Human Services’ units that regulate health IT security and privacy matters
Security controls on devices will predictably degrade through entropy and new care models are giving rise to emerging security threats, warns Josh Mayfield, director of security strategy at Absolute.
Its not just computers or smartphones that can make your healthcare organization vulnerable to security breaches. Pacemakers, insulin pumps, wearable devices that track patient activity levels and pills containing ingestible sensors that track medication adherence are among the innovations that allow physicians to monitor patients remotely, promising more cost-effective care and improved outcomes.But connected medical
The guidance document, entitled Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients, offers practical guidance for addressing what the Council has identified as the most impactful threats… within the industry. This document is a useful material for healthcare business managers faced with ever-increasing cybersecurity risks and the attending risks to patient safety and operational
CHICAGO When most people go to the hospital, data security is the last thing on their minds. Theyre in pain, anxious and unsure. They want to be treated and return to their lives.Yet sometimes patients still have cause to worry months after they leave the hospital. Theyre discovering that data they gave to health systems