To address the insider threat, Jeremy Walczak of Independent Health is using a privileged identity management system. Walczak and other experts offer detailed insights on mitigating emerging threats.
An emerging concept known as accelerated breach response aims to improve how organizations react to such incidents. What are the hallmarks of the new approach? Attorney Ellen Giblin offers insights.
The Department of Health and Human Services is seeking speedy approval of its controversial proposal to require state health insurance exchanges to report data breaches within one hour of discovery.
HHS proposes that state insurance exchanges report data breaches within one hour after discovering them. CIO Curt Kwak of the Washington state exchange explains why compliance with such a rule would be challenging.
Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security.
Breaches are expensive and embarrassing, and they invite additional scrutiny from regulators and consumers alike. By taking eight key steps, you can protect private information and lessen the impact of breaches when they occur.
Under HIPAA Omnibus, business associates and subcontractors are liable for compliance, including penalties for data breaches. But what happens if those vendors are located outside the U.S.?
Although OCR has changed its standard for determining breaches under HIPAA Omnibus to a more objective assessment, it's still unclear whether the previous harm standard is truly a thing of the past.
In the wake of the NSA leak by former systems administrator Edward Snowden, how can organizations limit the amount of data access offered to those managing IT systems? Former CIA CISO Robert Bigman explains.
Improper disposal of protected health information poses significant risks, as recent breach incidents demonstrate. That's why organizations need to do a better job vetting disposal companies and verifying that data or devices are actually destroyed.
DDoS attacks launched by hacktivists are often viewed as little more than an interruption to online services. But Terry Ray of Imperva highlights a greater worry hidden behind these attacks.
Having a CISO within an organization can help in holding down data breach costs, says the Ponemon Institute's Larry Ponemon, who, along with Symantec's Robert Hamilton, analyzes new survey results.
In this week's breach roundup, Walgreens plans to appeal a $1.4 million penalty a jury issued after a pharmacist inappropriately reviewed and shared a woman's prescription history.
After organizations update their policies and procedures to comply with the new breach notification requirements of HIPAA Omnibus, they must thoroughly test their response plans, attorney Ellen Giblin stresses.
How were four Russians and a Ukrainian allegedly able to steal more than 160 million payment card numbers from corporate networks over seven years? An indictment announced by U.S. Attorney Paul J. Fishman provides details.