The average insider scheme lasts 32 months before it's detected, says threat researcher Jason Clark, who suggests using a combination of the right technologies and the right processes is the key to improving detection.
Although the enforcement date for the HIPAA Omnibus Rule was Sept. 23, compliance is an ongoing project, and educating smaller business associates is a continuing challenge, says Jeff Cobb, CISO at Capella Healthcare.
Attorney Maureen Ruane, who has prosecuted dozens of healthcare fraud cases, explains how the rollout of electronic health record systems at hospitals and clinics is creating new potential opportunities for fraud.
Mary Galligan, the just-retired head of the FBI's New York cyber unit, says the federal government can do more to help businesses take all the right steps to protect sensitive information and prevent breaches.
The HIPAA Omnibus enforcement date has come and gone. What areas have covered entities overlooked, and what must they address as top priorities? David Finn of Symantec shares insight.
Bill Stewart, a privacy and security expert at medical device manufacturer Philips Healthcare, offers an explanation of when hospitals should apply software patches to devices on their own and when they should work with the supplier.
Nations' policies for mitigating cyberthreats can conflict with efforts to promote cyber-enabled global trade, cautions Allan Friedman, research director of the Brookings Institution's Center for Technology Innovation.
To mark his induction into the National Cyber Security Hall of Fame, Purdue University Computer Science Professor Eugene Spafford offers insights on key challenges, including overcoming senior executives' misperceptions about key issues.
Knowledge-based authentication is no longer reliable, says fraud expert Avivah Litan, an analyst at Gartner. She explains why so-called behavioral authentication is the only reliable way to verify users.
Attacks waged for cyber-espionage, fraud, DDoS and other nefarious deeds are increasingly being hired out to sophisticated hackers for specific purposes, says Symantec researcher Kevin Haley.
What are the distinct phases of the fraud lifecycle, and how can banking institutions intervene at each stage to prevent losses? Daniel Ingevaldson of Easy Solutions offers fraud-fighting tips.
Mitigating card risks associated with retail malware attacks and POS vulnerabilities is a focus of updates to the PCI Data Security Standard, say Bob Russo and Troy Leach of the PCI Security Standards Council.
Before hiring a cloud services vendor, healthcare organizations should demand answers to tough questions about privacy and security, says Phil Curran, a hospital CISO who has scrutinized many companies.
Top executives at healthcare organizations must take the lead in overcoming a culture that portrays privacy and security as barriers, says Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT.
Professionalizing occupations within the cybersecurity field won't necessarily help fill vacant IT security jobs in government and industry, says Diana Burley, an IT security workforce expert.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
