The requirements mirror regulations imposed on pipeline operators earlier this year following the Colonial Pipeline ransomware attack and require transportation operators to designate a cybersecurity lead to interact with government and report breaches, hacks and other cybersecurity incidents in a timely fashion.
Deputy Attorney General Lisa Monaco outlined two new initiatives at the Department of Justice: a cryptocurrency enforcement team and a group to look at federal contractor cybersecurity.
Two lawsuits filed against UC San Diego Health late last week, allege that a four-month employee email hack that breached the data of nearly 500,000 patients was caused by negligence and other security failings.
Subtle differences in opposing breach reporting bills in Congress, including a version in the National Defense Authorization Act passed Friday by the House, could have major impacts for enterprises and the government itself.
Ongoing threats and health app privacy matters give the appearance that patient access rights are not a high priority for HHS OCR. Former HHS privacy leaders and industry influencers Deven McGraw and Lucia Savage share why access rights are so vital to improving care outcomes and just why providers must prioritize the process.
The Federal Energy Regulatory Commission is asking input on information collection regulations for how energy companies secure bulk electric systems while its CIO speculated earlier this month that regulated energy utilities will likely need to follow recent government actions around implementing zero trust architectures.
The FTC Health Breach Notification Rule was enacted 10 years ago to protect the privacy and security of consumer health data not covered by HIPAA, but it was never enforced. A policy decision enacted on Sept. 15 will change that.
