Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
A new, free HIPAA Security Rule Toolkit is designed to help healthcare organizations conduct a thorough risk assessment, says Kevin Stine, who helped guide the project for the National Institute of Standards and Technology.
Information security threats - especially to critical infrastructures and from nation-states - are evolving. But security education curricula are struggling to keep pace, according to Eugene Spafford, renowned information security professor at Purdue University....
The ongoing delay in the release of final versions of HIPAA modifications and the HIPAA breach notification rule makes it more difficult for healthcare organizations to set information security investment priorities, says hospital privacy officer Kari Myrold....
NICE's Ernest McDuffie says a proposed cybersecurity workforce framework represents a consensus of government thought on how best to define the jobs, skills and tasks needed to secure information technology.
Unfortunately, says Ken Vander Wal, most organizations have done little to address security in their policies and procedures regarding BYOD, which is changing the ways companies address user behavior and risk.
Winning senior executive support for information security spending requires "a solid business case of justifications," says Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center.
Giving back to the community. It's a civic responsibility, says Dan Waddell of Tantus Technologies. But it's also a necessity to help raise cyber awareness. Waddell explains how security pros can give back.
One reason why so many healthcare organizations are not well-prepared to counter security threats is that "key leadership has not bought into the whole process," says Bob Krenek of ExperianÂ® Data Breach Resolution.