Data breach

Get started

  • incident response plan (IRP)

    An incident response plan (IRP) is a set of written instructions for adequately detecting, responding to and limiting the effects of an information security incident, an event that may or may not be an attack or a threat to computer systems or corporate data security.

  • How to adapt to latest EU data breach notification requirement changes

    For companies worried about the latest EU data breach notification requirements, expert Mike Chapple says to look to the PCI DSS framework.

  • Online security training: How to avoid cybersecurity issues

    Looking to avoid cybersecurity issues? You must first determine who is responsible for online security training. Our #CIOChat participants weigh in.

  • Quiz: HIPAA omnibus rule

    In this quiz, test your knowledge of the omnibus rule, the latest HIPAA regulation set to go into effect this September.

  • Briefing: How to avoid a health care data breach

    A data breach can be quite costly to a provider's budget and reputation. This briefing offers advice for securing health care data to comply with HIPAA and HITECH Act rules.

  • data breach

    A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so. Data breaches may involve personal health information (PHI), personally identifiable information (PII), trade secrets or intellectual property.

  • Microsoft HealthVault

    Microsoft HealthVault, which launched in October 2007, is a free personal health record (PHR) service offered by Microsoft that allows individuals to store personal health and fitness information in a central location. The Web-based service is available to anyone with a Microsoft account.

  • Law, investigations, ethics: Security incident response management

    The CISSP exam covers 10 domains, one of which is law, investigations and ethics. In this section of the CISSP Study Guide, you will ensure your knowledge of law, investigations and ethics and security incident response management.

  • PCI DSS Requirement 11: Regularly test security systems and processes

    Craig Norris explains why internal and external network scans are necessary to complete Requirement 11 of the PCI Data Security Standard, one that frequently baffles security professionals.

  • snooping

    Snooping, in a security context, is unauthorized access to another person's or company's data. The practice is similar to eavesdropping but is not necessarily limited to gaining access to data during its transmission. Snooping can include casual observation of an e-mail that appears on another's computer screen or watching what someone else is typing. More sophisticated snooping uses software programs to remotely monitor activity on a computer or network device.