In response to today's cybersecurity challenges, Southern Methodist University has selected Frederick Chang to head a new program that will address top issues - including how to fill the skills gap.
As the Sept. 23 enforcement deadline for HIPAA Omnibus approaches, an error that many business associates are making is thinking that compliance can be achieved with a simple checklist, says consultant Andrew Hicks.
Lee Kim, the new director of privacy and security at HIMSS, says keeping track of where sensitive data is located, detecting breaches and dealing with insider threats are among the most critical issues.
As a result of a recent Supreme Court case, it's doubtful that HIPAA compliance could be directly enforced by U.S. regulators for offshore business associates, says attorney Stephen Wu.
As healthcare organizations ramp up HIPAA compliance efforts, they should make far greater use of guidance from the National Institute of Standards and Technology, says security consultant Mac McMillan.
When participating in a health information exchange, providers need to take several HIPAA Omnibus Rule compliance steps, including spelling out responsibilities in the event of an HIE breach, says attorney Helen Oscislawski.
An important aspect of HIPAA Omnibus Rule compliance for covered entities as well as business associates and their subcontractors is policing what privacy attorney Gerard Stegmaier calls "the data supply chain."
Because big data brings significant benefits - and risks - CEOs and boards of directors must take charge of developing privacy protection policies, ISACA International Vice President Jeff Spivey says.
Keeping risk assessment documentation and other compliance evidence in a centralized repository is a good way to prepare for any HIPAA audit or investigation, says Mark Dill, Cleveland Clinic's security leader.
Today's advanced threats are no secret. Focusing the correct resources on them is the true challenge, says Will Irace of General Dynamics Fidelis Cybersecurity Solutions. He offers tips for harnessing the right skills and technology.
Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security.
As new state health insurance exchanges gear up for open enrollment Oct. 1, privacy expert Chris Rasmussen asks whether regulators will miss the deadline for a risk analysis of a key data services hub.
Bruce McConnell, who just stepped down as one of the federal government's top cybersecurity policymakers, says he understands why some lawmakers don't trust DHS with significant authority to safeguard government IT.
It's time to start thinking about the next wave of DDoS attacks, says Neustar's Rodney Joffe. And it's time for other critical infrastructure industries - not just banks - to assess their risks.
When it comes to the impending Sept. 23 HIPAA Omnibus enforcement deadline, many smaller organizations are making serious progress - or seriously procrastinating, says compliance expert Margie Satinsky.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
