Improving collaboration among employees is the goal of Yahoo CEO Marissa Mayer's decision to ban telecommuting, but her edict means better information security as well, writes veteran CISO Patricia Titus.
In an age of "innovation" where we are told to "reframe" every problem and not just to "think outside of the box" but "think like there is no box," it is good to know where you are and what is done or what isn't done.
Business associates have new obligations under the HIPAA Omnibus Rule. What key compliance steps do they need to take? An expert on healthcare security and regulatory issues provides answers.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
CISO Mark Olson of Beth Israel Deaconess Medical Center offers detailed insights on the specific steps that medical device manufacturers can take to help ensure data security.
A former federal government CISO dismisses suggestions that IT security can be enhanced by tweaking the processes behind the implementation of the Federal Information Security Management Act. FISMA is badly flawed, he argues, and must be reformed by a new law.
The FTC puts the onus on application developers to protect their organization's sensitive data by mandating the use of "reasonable" data security practices. What does this mandate mean in practice?
With organizations racing to be the first-to-market with the latest, coolest app, they are forgetting something critically important: applying security principles in the development and deployment.
The HIPAA Omnibus Rule includes three new considerations for determining potential civil monetary penalties following a breach investigation. What are the implications for breach prevention strategies?
How do we lessen the risks posed by mobile devices and their apps, along with direct access provided to proprietary corporate data and networks? Here are five clear, actionable ways to mitigate your risks.
Healthcare organizations need to implement a five-step plan to launch their efforts to comply with the HIPAA Omnibus Rule on a tight deadline, says security specialist Christopher Paidhrin.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
In the rush to allow personal devices to be used for work, we in application security neglected to examine thoroughly the new risks external applications may introduce to our organizations.
The longtime chief information security officer at the CIA understands the appeal of hacking hackers, but Robert Bigman cautions that such revenge might not be so sweet.
Smaller nation-states have been upping the ante of cyber-attacks for years, and now one has shown us exactly the kind of cyberdestruction that extremist elements are willing and able to conduct, former U.S. National Intelligence Director Mike McConnell writes.