Healthcare organizations must take several important steps to protect their environments against ransomware attacks, says Mac McMillan, CEO of the security consulting firm CynergisTek. He outlines key measures in this interview.
In light of the rapidly evolving cyber threat landscape, a top goal at University of Pittsburgh Medical Center is to identify and stop security incidents before the damage escalates, says John Houston, vice president, information security and privacy.
DirectTrust is beta testing a new version of its Direct protocol for secure email messaging that can support secure texting and "chats" involving health information on mobile devices, says David Kibbe, M.D., the association's president and CEO.
This could be a record year for HIPAA enforcement actions by federal regulators, both in the number of resolution agreements and in the size of financial settlements resulting from breach investigations, predicts privacy attorney Adam Greene.
Lucia Savage, chief privacy officer at ONC, explains how a new "interoperability pledge" taken by dozens of large electronic health record vendors and healthcare organizations will advance secure health data exchange as well as help patients to securely share their own health information.
The HHS Office for Civil Rights is making progress toward launching the long awaited next round of HIPAA compliance audits, which will consist mostly of desk audits. In a critical step, it plans to release its proposed new audit protocol in April, says Deven McGraw, OCR's deputy director of health information privacy.
The cyberattacks that we've seen in the healthcare sector over the past year are starting to rewrite the rules for healthcare-related businesses in a way we really haven't seen before. How are you upping your game?
Despite the pervasiveness of data breaches, healthcare organizations are still playing catch-up on implementing strong, risk-based security programs, rather than focusing solely on HIPAA compliance, says David Finn of Symantec. He offers a preview of his session at the HIMSS 2016 Conference about a new survey.
The Healthcare Information and Management Systems Society 2016 Conference, slated for Feb. 29 to March 4 in Las Vegas, will offer dozens of privacy and security educational opportunities worth checking out.
In an in-depth interview, CIO Ed Ricks of Beaufort Memorial Hospital in South Carolina offers insights on how the community hospital, with limited resources, is tackling breach prevention and detection. He'll be a featured speaker at the HIMSS 2016 Conference.
If recent cyberattacks on healthcare organizations - including the ransomware attack on Hollywood Presbyterian Medical Center - tell us anything, it's that better cyber threat intelligence sharing is desperately needed. A project led by Harris Health Systems aims to help identify the gaps that need to be addressed.
Federal regulators have issued new guidance to clarify scenarios where HIPAA privacy and security regulation might apply, including for mobile health applications and electronic data exchange. Why are some organizations still so confused?
When it comes to medical device security, healthcare organizations need to make some bold moves to improve the cybersecurity of devices used in their environments, says medical device cybersecurity expert Stephen Grimes. He'll be a featured speaker at the HIMSS 2016 Conference.