Small business owners’ cybersecurity policies and actions are not adequate enough to ensure the safety of their employees, intellectual property and customer data, according to the 2009 National Small Business Cybersecurity Study.
See the original post here:
Study Finds U.S. Small Businesses Lack Cybersecurity Awareness and Policies
The Department of Health and Human Services should replace its controversial harm standard for triggering a personal health record data breach notification with a risk assessment approach that requires organizations to determine whether the data was actually viewed or acquired by an unauthorized person, according to the Center for Democracy an…
HHS Breach Notification Rules Again Under Fire
In a comment letter sent to HHS officials, the American Hospital Association said it supports the inclusion of a “risk threshold” in the department’s interim final rule on health data breach notification, Health Data Management reports.
See the article here:
AHA Endorses ‘Risk Threshold’ in HHS’ Data-Breach Notification Rule