Security

Hospital operator Sutter Health last week said personal information on more than 2,500 patients was improperly emailed by a former employee in 2013, representing a possible breach of patient data.

The list of tools in a health organization's data security armamentarium is long and varied: firewalls, encryption, anti-virus, etc. But a truly risk-based security framework needs more than mere protective measures. It requires awareness.

A recent security report by Microsoft finds that, even when cloaked in encryption technology, "an alarming amount of sensitive information can be recovered" from electronic medical record databases.

Hackers had unfettered access to Excellus BlueCross BlueShield's information systems for more than a year and a half before the health plan even noticed the cyberattack had occurred.

Richard Clarke, cybersecurity expert and former national security advisor to three U.S. presidents, will keynote the HIMSS Media and Healthcare IT News Privacy & Security Forum Dec. 1-3 in Boston.

Security specialists bring to market new cloud services to secure PHI and PII for Salesforce users.

HIMSS officials plan to share the three "asks" with Congress during National Health IT Week in early October.

The company continued its shopping spree on Friday, scooping up another security-centric vendor, in hopes of moving into healthcare and other regulated vertical markets.

Plaintiffs who slapped Sony Pictures with a class action lawsuit after their detailed medical records were swiped in a cyberattack have finally reached an agreement on a proposed settlement.

A job listing for a small but growing team to create a large distributed security services has Microsoft watchers speculating about the company's intentions.