Latest Headlines

Latest Headlines

NIST issues draft de-identification guidance for personally identifiable information

In a new draft publication, the National Institute of Standards and Technology explores techniques for de-identification and summarizes almost 20 years of research. 

Federal employees among those at risk by massive Premera security breach

The personal health information of tens of thousands of federal employees may have been compromised by the recently divulged security breach at Premera Blue Cross, which is based in Washington state.

Does HIPAA make it too easy for hackers to steal digital health information?

When computer hackers gained access to the names, dates of birth, Social Security numbers, member IDs, home and email addresses and employment information of 80 million Anthem Inc. customers, they also may have exposed the security vulnerabilities of electronic health information, according to the Congressional Research Service.

Cummings dives deeper into OPM data breach

Rep. Elijah Cummings (D-Md.) is seeking more information on a recent Office of Personnel Management data breach that could have exposed the personally identifiable information of nearly 50,000 federal employees.

USPS breach compromised employee PII

Information systems at the Postal Service were recently compromised, potentially allowing access to employees' personally identifiable information. Breach data may include names, dates of birth, Social Security numbers, addresses, beginning and end dates of employment and emergency contact information, said USPS in a Nov. 10 statement (pdf).

Open government is not without privacy challenges, finds paper

In an effort to be more transparent and participatory governments are making more data publicly available in machine-readable formats and under open licenses, but such noble aims are not immune to privacy issues, says  a paper  published June 18 in  Future Internet, a Switzerland-based scholarly journal.

HHS officials defend security of healthcare.gov

Three information technology officials from the Health and Human Services Department vouched for the security of healthcare.gov at a sometimes contentious House Oversight Committee hearing Jan. 16. No attacks on the site have been successful, said Kevin Charest, HHS's chief information security officer. He also called the code behind one widely  reported  denial-of-service attack attempt "rudimentary."

House Homeland Security critical infrastructure bill gets potentially controversial amendment

A House Homeland Security subcommittee approved by unchallenged voice vote a critical infrastructure cybersecurity bill, adding in the process several amendments – one of which could generate opposition to an otherwise bipartisan bill.

Data breach reporting mandate may be a needless distraction

"OMB staff said that they were unaware of the rationale for the 1-hour time frame, other than a general concern that agencies report PII incidents promptly," says the recently released report, dated Dec. 9. After just an hour, agencies often have little to report to US-CERT, the cyber incident response unit at DHS, but must do so under Office of Management and Budget guidance.

Privacy appendix of draft NIST cybersecurity framework under fire

Some major Internet companies say the proposed privacy approach of the cybersecurity framework under development by the National Institute of Standards and Technology would be potentially burdensome, something that could discourage organizations from adopting it.