Industry Insights

NYDFS Certification of Compliance Deadlines Loom

There are two imminent Certification of Compliance deadlines with the two-year transition period around NYDFS' Cybersecurity Regulation (23 NYCRR Part 500) set to end on March 1.

Fugitive in Bank Data Theft Case Faces Four Years in Prison

A former bank employee - now believed to be a fugitive - is being charged with commercial espionage, among other crimes, after stealing data on the bank's clients.

HHS: Data Protection Among Best Practices for Healthcare Cybersecurity

A set of cybersecurity best practices recently published by the Department of Health and Human Services (HHS) looks at five of the biggest cyber threats to the healthcare industry and how to best mitigate them.

Handling Patient-Generated Health Data Securely

Patient-generated health data is being used more and more by physicians - while it can help supplement clinical data, PGHD isn't without its own data privacy and security concerns.

12-State Lawsuit Alleges Medical Firm Violated HIPAA

The company not only failed to encrypt electronic protected health information but failed to maintain a security monitoring system that could have flagged supicious and anomalous activity.

Practice Settles With HHS Following PHI Disclosure

A Connecticut-based allergy practice agreed to pay $125,000 this week to settle the disclosure of patient information to a reporter.

More PHI Breaches Caused by Providers, Insiders, Report Says

More Protected health information (PHI) is leaked by healthcare providers, not hackers, academic research by Michigan State University and Johns Hopkins University released Monday says.