In a report released this week, the federal Government Accountability Office (GAO) found that the EPA, which just announced a server breach resulting in the personal information compromise of 7,800 people, is falling short in several areas.
Heightened HIPAA enforcement continues, with the U.S. Health and Human Services taking its first-ever action against a state agency after a breach prompted an investigation.
A suit contends that the defendants failed to properly encrypt data, then "intentionally, willfully and recklessly" allowed an untrained individual to access the information.
One of the largest breaches of the year has struck a military health benefits firm and a major defense contractor, and the data wasn't encrypted because a compliant solution wasn't available.
The personal information of thousands of current and former California state employees was improperly copied to a hard drive and removed from state offices.