More On PCI DSS 2.0 « #PCI

The biggest news out of this presentation is that requirement 6.5 will now apply to all in-scope applications, not just Internet-facing or browser-based applications. Based on all of the breach research that has been conducted, they have finally realized that any application in the cardholder data environment (CDE) is a potential hazard, not just those [...]

Data breach prevention top of mind for healthcare IT decision makers (WTN News)

According to the survey, 80 percent of respondents say securing patient information from unauthorized access and data breaches is a top priority, and 76 percent claim breach of confidential information or unauthorized access to clinical applications as their greatest security concerns – so much so that 97 percent say that HIPAA and HITECH Act regulations [...]

Healthcare Breaches Spin Out Of Control

If the past week is any indication and I’m afraid it is, health care companies are doing an abysmal job at protecting personal health care data. This evening the Colorado Department of Health Care Policy and Financing announced that state officials discovered an unauthorized removal of a computer hard drive from the state’s Office of Information [...]

Connecticut AG reaches agreement with Health Net over data breach

Connecticut Attorney General Richard Blumenthal has announced that his office has reached a settlement with health insurance company Health Net over a failure to secure patient information on almost a half-million state enrollees, and subsequent failure to promptly notify consumers about the breach. The settlement involves Health Net of the Northeast Inc., Health Net of [...]

Visa tightens rules for small sellers • The Register

From 1 July small and medium enterprises using electronic point of sale terminals and e-commerce systems need to reach basic compliance with an entry-level version of the standard or face higher merchant fees or, in extreme cases such as in the aftermath of security breaches, the withdrawal of merchant statuses. Larger firms need to comply [...]

Do You Have What It Takes To Pass Your Payment Card Industry Audit? #PCI

With every company reliant on software to run its business, an alarming rise in data breach incidents across industries, but especially credit card processing, means application security is becoming an increasingly critical part of any organisation’s overall IT security strategy. For organisations that store, transmit or process credit card information, it is vital as they [...]

BofA call center worker pleads guilty to data theft

A Bank of America call center employee has pleaded guilty to charges that he stole sensitive client information and then tried to sell it for cash. Brian Matty Hagen pleaded guilty last week to one count of bank fraud. According to court filings he allegedly recorded customer account information when BofA customers called him for [...]

One-fourth of reported HIPAA breaches involve laptops – FierceMobileHealthcare

Last year, the HHS Office for Civil Rights started posting online a list of reported breaches of unsecured health data affecting at least 500 people. About one-quarter of all listed incidents involved laptops, and close to one-eighth were the result of a lost or stolen portable device or USB drive. via One-fourth of reported HIPAA [...]

DHEC notifying South Carolina clients of personal information breach

According to Hunter, private information of more than 1,800 people was included on DHEC documents that were discovered by a third party in a public, paper recycling container behind the DHEC building on Bull Street in Columbia. This third party gave the documents to another person, who returned them to DHEC. via DHEC notifying South [...]

OCR Will Post Names of Private Practices That Violate HIPAA

The Office of Civil Rights (OCR) confirmed in an e-mail to HealthLeaders Media Friday afternoon that it will begin posting on its breach notification Web site the names of entities they consider “individuals” regardless of whether or not those entities give consent. via OCR Will Post Names of Private Practices That Violate HIPAA.