Expanding the use of encryption is a top breach prevention step for 2013, the Healthcare Information Security Today survey confirms. And CISO Eric Cowperthwaite says a risk assessment is essential for setting encryption priorities.
The rush to find qualified IT security professionals to meet current cyberthreats could jeopardize IT systems' security in the not-too-distant future, say two leading IT security experts, Eugene Spafford and Ron Ross.
As part of their mobile security strategies, healthcare organizations must remember not to neglect issues involved with medical devices used for patient care, says privacy expert Peter Swire, a former presidential adviser.
Improving regulatory compliance and security training, as well as detecting and preventing breaches, are top priorities for 2013, the Healthcare Information Security Today survey shows. Sharp HealthCare CIO Bill Spooner tells why those issues are critical.
The New York eHealth Collaborative is developing a national provider directory to ensure that electronic queries for patient data go to the right place and privacy is protected, says the group's leader, David Whitlinger.
To ensure the security of sensitive patient information, healthcare organizations need to build a long-term user authentication strategy that creates a comprehensive framework, says Sam Curry, chief technologist at RSA.
NIST's Ron Ross sees complexity as the biggest risk enterprises face. To ease risk, Ross favors moving data to the cloud. Purdue's Eugene Spafford doesn't fully subscribe to Ross' plan. The two square off in this interview.
To meet the HITECH Act electronic health record incentive program's upcoming requirements for health information exchange, providers will need to use security best practices. David Kibbe, M.D., of DirectTrust, explains how his group is fostering those practices.
Kaspersky Lab has identified a new spear-phishing attack involving a Trojan designed to target Android devices. Researcher Kurt Baumgartner says organizations need to be prepared for more mobile malware attacks.
Intel has added privacy to the portfolio of its top information security executive, Malcolm Harkins, who says too many information security professionals are "color blind or tone deaf" to privacy, wrongly thinking strong data protection provides privacy safeguards.
Getting inspectors general and agencies' IT security heads to agree on how best to evaluate information security should strengthen U.S. federal government agencies' risk management frameworks, say former OMB leaders Karen Evans and Franklin Reeder.
The health advocacy group Genetic Alliance on April 5 will unveil a registry designed to enable patients to control how health information is shared with researchers. Spokesman Greg Biggers discusses privacy measures.
Computer networks in nations where the government has ratified international cyber-agreements have lower incidents of malware infection, says Paul Nicholas, Microsoft senior director of global security strategy and diplomacy.
The new Aurora Research Institute is taking multiple steps to protect the privacy of patients who participate in medical research, clinical trials and personalized medicine endeavors, says institute leader Randall Lambrecht.