Info Security

2.12.2013

Data Breach Incidents More Than Double

The number of global data breaches reached 2,644 last year, more than doubling the number of incidents in 2011. Despite the rise in frequency, they accounted for the exposure of 267 million records – a significant improvement over the 412 million records exposed in 2011.

River Falls Journal

2.1.2013

River Falls Medical Clinic Has Information Breach

River Falls Medical Clinic says it has notified about 2,400 clients of a breach of unsecured personal information.  The breach occurred after clinic officials reported stolen equipment to the River Falls Police in the summer of 2012.

Dark Reading

1.28.2013

Report: Portable Memory Devices To Blame For Majority Of Data Breaches

 Lost paper files and portable memory devices account for 65 percent of data breaches according to "Data Breach Incidents & Responses," a just released survey conducted by the Society of Corporate Compliance and Ethics (SCCE) and the Health Care Compliance Association (HCCA). The compliance and ethics department, according to 69 percent of respondents, led the remediation effort following the last data breach.

Healthcare IT News

1.23.2013

Stanford reports fourth HIPAA breach

Some 57,000 patients seen at the Palo Alto, Calif.-based Lucile Packard Children's Hospital have been notified of a potential HIPAA-breach after an unencrypted company laptop containing patient medical information was stolen from a physician's car Jan. 9.

eSecurity Planet

1.21.2013

Montfort Hospital Suffers Security Breach

Canada's Montfort Hospital recently announced that that an unencrypted USB drive containing more than 25,000 patients' health information was recently lost. The drive contained patients' names, summary data on the type of service provided, the date of service, and the health service provider code.

Cache Valley Daily

1.17.13

Employee fired for Utah health data breach

The employee who lost a device containing personal information for about 6,000 Utah Medicaid recipients has been fired. The Utah Department of Health reported Wednesday that an employee with an outside contractor lost a USB memory stick containing the data last week while traveling.

St. Louis Post-Dispatch

1.14.13

Laptop stolen from Washington University doctor in Argentina contained patient information

A laptop stolen from a local surgeon traveling in Argentina contained the personal information of about 1,100 patients, the Washington University medical school announced today.

Southwest Florida Online

1.12.13

Florida Justice Department Missing 100,000 Computer Records

The Florida Department of Juvenile Justice reported an information security breach to the Florida Department of Law Enforcement Friday afternoon.  The DJJ said the theft of a computer device might lead to the possibility of identity theft of tens of thousands of individuals including data about employees and youth offenders in the Florida Juvenile Justice system.

Network World

1.10.13

When to call for help after a data breach

In spite of best practices, it is likely your organization will experience a serious data breach at some point. Once the initial shock wears off you'll be faced with numerous decisions, the most significant of which is whether to seek help from outside professionals such as attorneys, computer forensics investigators, information security consultants, privacy consultants and law enforcement.

Fierce Healthcare

1.9.13

3 Top Issues Hospitals Will Face In 2013

With implementation of the health reform law coming this year, hospitals are most concerned about the changes it will bring. According to a PwC Health Research Institute report released today, hospitals and other healthcare organizations will see a mix of budgetary pressures, consumerism and technology. Described as a quicken pace on health reform, the top issues hospitals will see this year include the following:  Read more: 3 top issues hospitals will face in 2013 - FierceHealthcare http://www.fiercehealthcare.com/story/3-top-issues-hospitals-will-face-2013/2013-01-09#ixzz2IFo5gMim Subscribe: http://www.fiercehealthcare.com/signup?sourceform=Viral-Tynt-FierceHealthcare-FierceHealthcare

Information Week

1.7.13

Healthcare Settlement Highlights Risk Analysis, Encryption Importance

The Department of Health and Human Services (HHS) recently announced the first HIPAA breach settlement involving fewer than 500 patients. The Hospice of North Idaho (HONI) agreed to pay $50,000 after an investigation found the organization had violated the HIPAA security rule. HHS' Office for Civil Rights (OCR) began its investigation after HONI reported an unencrypted laptop containing electronic personal health information on 441 people was stolen in June 2010.

Healthcare Finance News

12.31.12

Four Data Security Risks To Watch For In 2013

Kroll Advisory Solutions has released its 2013 Cyber Security Forecast, spotlighting some of the pressing and perhaps unexpected privacy and security issues healthcare and other organizations may be grappling with in the coming year.

WFIE

12.28.12

Local patients notified of stolen laptop containing patient information

Gibson General Hospital has mailed letters to patients informing them of the theft of a hospital laptop containing personal health information.  The laptop was reported stolen, along with several other items, from an employee's home during a burglary on Nov. 27.

CIO

12.13.12

Are BYOD Employees Decommissioning Mobile Devices Properly?

Sales of mobile devices are expected to surge this holiday season. Whether your firm has embraced bring-your-own-device (BYOD) or elected to look the other way that means many of your employees can be expected to upgrade their tablets and smartphones. But what about their old devices? Will they be decommissioned properly?

Help Net Security

12.13.12

Motivations, trends and measurement of IT security spending

A new comparative survey by The Ponemon Institute explores the motivations behind IT security spending among UK and US organizations, and how industry regulations, data breach mitigation and the fear of reputational damage rank in the decision making process.

Pepperdine Graphic

12.7.12

Laptop theft compromises information of 8300 campus community members

President Andrew K. Benton sent an email today informing the university community that a laptop computer belonging to an authorized university employee was stolen from that individual’s car. This laptop had been used extensively in work related to the IRS, “and it contained data dating back to 2008 involving as many as 8300 Pepperdine campus community members.” Approximately 75 percent of these names belong to students.

eWeek

12.5.12

Security Issues Pose Hurdles for BYOD Migration: Gartner

Privacy and access controls should be implemented to ensure the security of corporate data as well as protect personal information stored on user-owned devices.

Healthcare IT News

12.5.12

Scant progress on breaches since HITECH

The healthcare industry has made little progress in reducing data breaches, according a new analysis of the past three years by the Health Information Trust Alliance (HITRUST).

Fierce Mobile IT

12.4.12

Mobile security concerns soar among IT managers

Security concerns about mobile devices in the enterprise have soared among IT managers over the last three years, according to an annual endpoint security survey of IT managers conducted by the Ponemon Institute and security firm Lumension.

Dark Reading

11.29.12

10 Top Government Data Breaches Of 2012

SQL injection, post-phishing privilege escalation, and poorly secured back-up information all played their part in exposing sensitive government data stores this year

eWeek

11.19.12

SEC Employees Brought Sensitive Data to Hacker Con: Report

A yet-unreleased report finds that security experts at the SEC brought sensitive data to the Black Hat Security Briefings, an annual hacker and security convention.

Computer World

11.15.2012

NASA breach update: Stolen laptop had data on 10,000 users

Personally identifiable information of "at least" 10,000 NASA employees and contractors remains at risk of compromise following last month's theft of an agency laptop, a spokesman told Computerworld via email Thursday.

WJAR

11.15.2012

Laptop stolen from Landmark Medical Center

A laptop computer with a spreadsheet containing certain patient information was stolen from Landmark Medical Center in Woonsocket.

New York Times

11.14.2012

NASA Says Staff Information was on Stolen Laptop

NASA told its staff this week that a laptop containing sensitive personal information for a large number of employees and contractors was stolen two weeks ago from a locked vehicle.

Help Net Security

11.13.2012

Organizations Fail to Realize the Implications of a Data Breach

New research by the Ponemon Institute revealed that 54 percent of respondents have experienced at least one data breach in the last year, with nearly a fifth (19 percent) experiencing more than four.

SC Magazine

11.13.2012

Stolen Laptop Results in Theft of 100,000 Patient Records

A laptop containing the unencrypted personal records of Alere Home Monitoring customers was stolen from an employee's car.

PhysOrg

11.8.2012

Survey Finds Disconnect Between Mobile Device Use, Security Preparedness

According to a recent survey commissioned by AT&T and the Polytechnic Institute of New York University, 90 percent of small businesses allow their employees to access work email via mobile devices, and 41 percent allow employees to use these devices to access business files. Eighty three percent of small businesses allow employees to use personal devices for work.

Midsize Insider

11.7.2012

Most Data Breaches Caused by Employees, Report Shows

A recent Forrester report suggests most corporate data loss and security breaches come from risky employee behavior as well as an organization's inability to implement comprehensive IT security policies. The report finds most data breaches result from stolen or lost mobile devices, compromise of other data-bearing devices, or misuse of corporate data assets by employees.

Bank Info Security

11.6.2012

Avoiding Evil: Securing Mobile Devices

Cloud and mobility continue to change the landscape for security professionals concerned with data loss and the growing number of endpoints holding sensitive information, says Dan Hubbard of the Cloud Security Alliance.

Tech Republic

11.1.2012

BYOD Risk and How to Deal with It

Patrick Lambert revisits some of the basic precautions that need to be taken to deal with the proliferation of employee-owned devices in the workplace.

eSecurity Planet

10.31.2012

Mobile Device Management Advice from Gartner

It may be too early to say "the era of the PC is ended," as Phil Redman, a research vice president at Gartner, recently did. Still, there is no question knowledge workers are transferring many of the tasks they once performed on PCs to their smartphones, tablets and other mobile devices.

 

Vermont Digger

10.24.2012

VSECU Data for 85,000 Customers Ends Up in Landfill

Officials at VSECU, the state's largest credit union, have notified consumers that two unencrypted backup data tapes loaded with customer identification information were mistakenly thrown away and ultimately disposed of in a landfill last month.

Gov Info Security

10.23.2012

Health Breach Tally Tops 500 Milestone

Major U.S. healthcare data breaches have surpassed a significant milestone: More than 500 breaches have been confirmed since September 2009, when the U.S. Department of Health and Human Services began keeping tabs.

Knoxville Sentinel

10.18.2012

Blount Hospital Laptop Stolen with 27,000 Patients' Personal Data

Blount Memorial Hospital has begun notifying 27,000 patients whose personal information was compromised by the theft of an employee's laptop computer in August

Help Net Security

10.16.2012

Most People Want Control of Information Collected by Data Brokers

As Congress examines how data brokers collect, aggregate and share consumers' personal information, a new survey by TrustedID shows that most people are confused about how data brokers operate and want centralized control of how data brokers handle their personal information.

Billing & OSS World

10.9.2012

Data Loss from Missing Devices Ranks First Among Top Mobile Threats

Data loss from stolen or lost mobile devices ranks as the top mobile threat related to device security. The rankings, released by Cloud Security Alliance, came from a survey of more than 200 enterprise participants. A main goal of this survey was to provide guidance on where enterprises should place resources to address mobile device security threats, CSA said.

Business Insurance

10.9.2012

Average Insurance Cost Per Data Breach Rises to $3.7 Million: Study

The average insurance cost per data breach incident increased sharply from $2.4 million in 2010 to $3.7 million in 2011, according to a new NetDiligence study released Tuesday.

InfoSecurity

10.9.2012

Almost Half of UK Businesses Suffered Insider Data Breaches

For 48% of IT practitioners in the UK, the sensitive personal data contained in their company's databases and native or cloud applications has been compromised or stolen by a malicious insider, new research has revealed. And, the majority of those practicioners (65%) also agree that they find it difficult to comply with privacy and data protection regulations in production and development environments.

Fayette Observer

10.3.2012

Laptops Stolen from North Carolina Elections Board

All 71,000 registered Robeson County voters should have received letters notifying them that five laptop computers containing their personal information were stolen from the Robeson County Board of Elections last month.

Network World

10.1.2012

Workers Worried by BYOD Privacy Intrusions: Survey

"Bring your own device" may be touted as a winning policy for workers and employers, but a recent survey finds many employees worry that it's an excuse to invade their privacy.

Computerworld

9.28.2012

CSOs Grapple with Pain Points of BYOD

Security execs know they have no choice but to comply with the demand for personal devices in the workplace. But as these CSOs explain, it's a pain-filled process.

eWeek

9.25.2012

BYOD Initiatives Require Careful Thought, Implementation

While bring-your-own-device initiatives offer multiple benefits for organizations, there are pitfalls that only careful implementation can help avoid, according to Grudi Associates.

Gov Info Security

9.24.2012

Stolen Devices a Persistent Problem

The latest updates to the federal tally of major health information breaches confirm that the loss and theft of unencrypted devices continue to plague the industry.

PC World

9.24.2012

Forrester Report Finds Most Data Breaches Caused by Employees

Most data breaches are caused by mundane events such as employees losing, having stolen or simply unwittingly misusing corporate assets, a Forrester Research report has found.

GovInfoSecurity

9.17.2012

Another Big Fine After a Small Breach

For the second time in three months, federal authorities have issued a hefty financial penalty stemming from a HIPAA compliance investigation after a relatively small breach.

PhiPrivacy.net

9.17.2012

California Medical Group Notifies Patients and Providers of Stolen Laptop

Just because you don't remove the laptop from the office, don't kid yourself that it's secure. We've seen a number of incidents where laptops have been stolen from offices where the failure to encrypt the laptops resulted in breach notice costs for the entities. The latest entity to incur breach costs due to failure to adequately secure is St. Therese Medical Group in Bakersfield, California. They sent out letters today to patients and providers whose information was on an unencrypted laptop stolen from their offices on July 22.

Mondaq

9.13.2012

Broad New U.S. Data Security Rule Proposed for Federal Contractors

A new rule proposed for federal government contractors will require that all federal contracts over $100,000 (including contracts for commercial items and those to small businesses) will have to include a clause requiring the contractor to implement basic data security protections for any non-public data provided to the contractor by the federal government or generated by the contractor for the government.

Help Net Security

9.10.2012

Data Breaches Expose 94 Million Records in U.S. Government Sector

An analysis of government breach data shows that the government sector reported 268 incidents of data breaches from January 1, 2009 to May 31, 2012, which exposed more than 94 million records containing personally identifiable information (PII), according to Rapid7

Sci Tech Today

9.5.2012

BYOD Trend Opens Companies to Security Breaches

The simple security measure of remote resetting or wiping a mobile device is notably absent on mobile workers' devices. Only 55 percent of mobile workers told iPass they had remote wipe enabled on their smartphones and only 30 percent activated this security feature on their tablets. The BYOD trend brings enterprise security isues with it.

Public Service

9.4.2012

Scottish Councils Lose Personal Data of 10,000 People

Hundreds of council data security incidents have led to the loss of data on more than 10,000 people in Scotland over the past five years, figures released under freedom of information laws have revealed.