University of Pittsburgh Medical Center is replacing its decade-old identity management system with a new system that can better tackle emerging risks, says John Houston, UPMC's security and privacy leader.
Preparing for compliance with the privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act electronic health record incentive program go hand-in-hand, says federal privacy officer Joy Pritts.
As the banking industry gets better at defending itself against security threats, cybercriminals will focus more of their attention on stealing data from the healthcare industry, predicts cybercrime expert Bill Fox.
Authenticating appropriate network administrators and employees has become increasingly challenging, especially for healthcare organizations and regional banking institutions, says Tim Ager of Celestix.
Business line managers are in better positions to control and monitor network and system access privileges than IT departments, since they know their employees and the privileges they should be provided, says Bill Evans of Dell Software.
The resumption of the HIPAA compliance audit program is on hold while regulators analyze pilot audit project results and implement the HIPAA Omnibus Rule, says Susan McAndrew of the HHS Office for Civil Rights.
New research says more than 25 percent of consumers hit by a data breach later become victims of identity fraud - especially when payment card information is exposed. Javelin's Al Pascual shares analysis.
The private sector has a unique opportunity to respond to President Obama's cybersecurity executive order and help shape information sharing and critical infrastructure protection. David Burg of PwC tells how.