Monthly Archives: February 2011

NIST budget request could bolster cybersecurity initiatives — Federal Computer Week

In its fiscal 2012 budget, the Obama Administration requested the National Institute of Standards and Technology’s receive $43.4 million for cybersecurity programs, an increase that would more than double the funding for NIST research and development programs in this area, according to NIST officials.

via NIST budget request could bolster cybersecurity initiatives — Federal Computer Week.

HHS Levies Civil Penalty for HIPAA Privacy Rule Violation – iHealthBeat

On Tuesday, the HHS Office for Civil Rights announced that it has issued its first-ever civil penalty for HIPAA privacy rule violations, the Washington Post reports.OCR fined Cignet Health — a health center based in Maryland — $4.3 million for failing to provide copies of medical records to 41 patients who requested them from September 2008 to October 2009

via HHS Levies Civil Penalty for HIPAA Privacy Rule Violation – iHealthBeat.

More than 6M affected since HIPAA breach notification rule

Electronically protected health information (ePHI) has become a target for malicious attack, according to a recent report by Redspin, Inc., a provider of HIPAA risk analysis and IT security assessment services. The report was conducted between August 2009– when the HITECH breach notification interim final rule (IFR) went into effect—and the end of 2010.

via Report: More than 6M affected since breach notification rule.

The “Magic” Vulnerability – Revised

“So, what vulnerabilities did they detect?”

“None,” was the confused answer at the other end of the line.

“What?  They must have detected at least one high, severe or critical vulnerability?  That is the only way you can fail,” I would ask, now also confused.

“Nope.  Nothing.  Just the fact that the OS is unsupported,” I was told.

via The “Magic” Vulnerability – Revised « PCI Guru.