Page 115 - Latest interviews and insights on healthcare information security

Professionalizing the IT Security Field

Eric Chabrow • April 23, 2013 8 Minutes 29 Seconds

Should IT security practitioners be deemed professionals like those in medicine and law? That's not an easy question to answer, says Ronald Sanders, former human capital officer at the U.S. Office of the Director of National Intelligence.

Business Continuity Management / Disaster Recovery

Verizon Report: DDoS a Broad Threat

Tracy Kitten • April 23, 2013 12 Minutes 36 Seconds

Distributed-denial-of-service attacks jumped significantly in 2012. And it's not just banking institutions that are victims, Verizon finds in its just-released Data Breach Investigations Report.

Events

ENISA Aims for Longer, Stronger Role

Tom Field • April 22, 2013 20 Minutes

The European parliament recently voted to extend and strengthen the European Network and Information Security Agency. What does this news mean for Europe's top cybersecurity agency and for the state of emerging threats across Europe?

Business Continuity Management / Disaster Recovery

Boston Lockdown: Business Continuity

Eric Chabrow • April 19, 2013 4 minutes 36 seconds

The hunt for a Boston Marathon bombing suspect that locked down the city caused massive disruption to business operations, but enterprises that had business continuity plans in place hardly missed a beat.

Business Associates

HIPAA Omnibus: Tips for Clinics

Marianne Kolbasuk McGee • April 18, 2013 15 Minutes

When it comes to HIPAA Omnibus Rule compliance, smaller physician practices must guard against complacency because they could be held accountable, warns compliance expert Marjorie Satinsky.

Breach Response

Post-Breach Credit Monitoring Strategies

Howard Anderson • April 17, 2013 11 minutes

To retain their customers after a breach of sensitive information, organizations should take the extra step of calling those affected to offer free credit protection services, says security expert Brian Dean.

Encryption & Key Management

Encryption as 'Default Standard Practice'

Marianne Kolbasuk McGee • April 16, 2013 20 Minutes

Expanding the use of encryption is a top breach prevention step for 2013, the Healthcare Information Security Today survey confirms. And CISO Eric Cowperthwaite says a risk assessment is essential for setting encryption priorities.

Cybersecurity

Will New Hires Impede Future Security?

Eric Chabrow • April 16, 2013 8 minutes 40 seconds

The rush to find qualified IT security professionals to meet current cyberthreats could jeopardize IT systems' security in the not-too-distant future, say two leading IT security experts, Eugene Spafford and Ron Ross.

Bring Your Own Device (BYOD)

Medical Device Security: A New Focus

Marianne Kolbasuk McGee • April 15, 2013 5 Minutes

As part of their mobile security strategies, healthcare organizations must remember not to neglect issues involved with medical devices used for patient care, says privacy expert Peter Swire, a former presidential adviser.

Healthcare Information Exchange (HIE)

National Provider Directory: Why Needed?

Marianne Kolbasuk McGee • April 12, 2013 15 Minutes

The New York eHealth Collaborative is developing a national provider directory to ensure that electronic queries for patient data go to the right place and privacy is protected, says the group's leader, David Whitlinger.

Awareness & Training

A CIO Outlines Top Security Priorities

Marianne Kolbasuk McGee • April 12, 2013 15 Minutes

Improving regulatory compliance and security training, as well as detecting and preventing breaches, are top priorities for 2013, the Healthcare Information Security Today survey shows. Sharp HealthCare CIO Bill Spooner tells why those issues are critical.

Authentication

Building an Authentication Framework

Information Security Media Group • April 10, 2013 15 Minutes

To ensure the security of sensitive patient information, healthcare organizations need to build a long-term user authentication strategy that creates a comprehensive framework, says Sam Curry, chief technologist at RSA.

Awareness & Training

Ramping Up HIPAA Training

Information Security Media Group • April 10, 2013 11 minutes

Healthcare organizations need to stop offering what amounts to "HIPAA training light" and instead provide meaningful education on key information security issues, says Daniel Berger, CEO at Redspin.

Cloud Security

Can Moving Data to Cloud Reduce Risk?

Eric Chabrow • April 9, 2013 15 Minutes

NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.

Healthcare Information Exchange (HIE)

HITECH: Meeting HIE Requirements

Marianne Kolbasuk McGee • April 9, 2013 10 Minutes

To meet the HITECH Act electronic health record incentive program's upcoming requirements for health information exchange, providers will need to use security best practices. David Kibbe, M.D., of DirectTrust, explains how his group is fostering those practices.