Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
A card compromise at a California-based grocery chain has raised questions about the efficacy of PCI-DSS. Experts say even if merchants are compliant, fraudsters can easily get around the security measures.
Bank of America, a pioneer in mobile banking, says mobile is hot, but it also opens financial institutions to unknown risks. What proactive steps should banks and credit unions take to ensure they're ready?
Information security threats - especially to critical infrastructures and from nation-states - are evolving. But security education curricula are struggling to keep pace, according to Eugene Spafford, renowned information security professor at Purdue University.
In addition to the negative publicity associated with being included on the federal tally of major health information breaches, some organizations are experiencing yet another impact of breaches: class action lawsuits.
Phishing schemes, like the one claiming to be from the Better Business Bureau, target consumers who have concerns about troubled accounts or account breaches. And social engineering is used more often to acquire financial and personal information.
BITS president Paul Smocer says banks can expect an uptick in cybersecurity-focused legislation in 2012. What impact will changes from Capitol Hill have on requirements for data breach notification, information sharing and critical infrastructure?