The final version of regulations to carry out the HITECH Act must include far more details on privacy and security to ensure widespread adoption of electronic health records, says William R. Braithwaite, M.D., Ph.D.
In an interview, Braithwaite, widely known as "Dr. HIPAA" for his work in drafting the HIPAA...
Organized crime has targeted healthcare organizations for insurance fraud scams. What are the risks? What are the solutions?
Dr. Andrea Allmon, senior director with FICO, discusses:
Insurance fraud trends;
How organizations are most vulnerable;
What to do now to reduce fraud today.
Allmon is responsible for...
Interview with Dawn Cappelli of Carnegie Mellon University's Software Engineering Institute
Insider crimes are among the biggest threats to public and private sector organizations. And yet too many groups continue to struggle to prevent or even detect these crimes.
In an exclusive interview, Dawn Cappelli of...
Widespread implementation of encryption is a top priority at Stanford Hospital and Clinics, thanks, in large part, to the "safe harbor" in the HITECH breach notification rule, says Michael Mucha, information security officer.
He notes that organizations that use the proper form of encryption don't have to report...
A risk analysis should not be an annual event, but rather an ongoing process that's revisited whenever a healthcare organization adds or changes any application. That's the advice of Kenneth Bradberry, vice president and chief technology officer at ACS, a consulting firm recently acquired by Xerox.
In an interview...
C. Warren Axelrod is a veteran banking/security executive and thought-leader, and in an exclusive interview at the RSA Conference 2010 he discusses top security trends and threats, including:
Insider fraud;
Application security;
Cloud computing.
Axelrod is currently executive advisor for the Financial...
UAB Health System in Birmingham, Ala., is tackling a long list of information security projects, including updating intrusion detection and prevention systems.
In an interview, Terrell Herzig, HIPAA security officer, outlines priority projects, including:
Expanding the use of encryption;
Conducting...
What are the key banking/security topics on the minds of leaders of the nation's largest banks?
At the RSA Conference 2010, Paul Smocer of BITS and the Financial Services Roundtable discusses:
The Roundtable's information security priorities;
How regulatory reform may impact security organizations;
The...
Education and training are two of the key priorities of information security professionals and organizations in 2010. And professional certifications are at the heart of that training.
What's new in information security certifications? In an exclusive interview at RSA Conference 2010, W. Hord Tipton, Executive...
From RSA 2010: Interview with Bob Russo, GM of the PCI Security Standards Council
How will the Payment Card Industry Data Security Standard (PCI DSS) be amended, and when?
These are the key questions in payments security, and Bob Russo, GM of the PCI Security Standards Council, is prepared to start answering...
Hospitals preparing for a potential government audit of their HIPAA security rule compliance should "build a continual state of readiness," says David Wiseman, information security manager at Saint Luke's Health System, Kansas City, Mo.
To be fully prepared, Wiseman says hospitals should:
Conduct a HIPAA...
Chief information security officers need to be able to translate technical projects into clear business terms, says Todd Fitzgerald, co-author of the book, "CISO Leadership Skills: Essential Principles for Success."
In an interview, Fitzgerald:
Describes the managerial skills that CISOs need;
Outlines how to...
When it comes to protecting your organization and your customers from a data breach, what is considered "reasonable security?"
This question is at the center of several ongoing lawsuits, and how the courts answer it may be one of the biggest stories of 2010.
Shedding light on this hot topic is David Navetta,...
Michael Frederick, chief information security officer at Baylor Healthcare System in Dallas, is using the HITRUST Common Security Framework to help ease the task of complying with multiple regulations.
In an interview, Frederick, who heads a staff of 22, describes how the framework is helping him achieve several...
Choosing the right form of encryption is essential when attempting to comply with the HITECH Act, says consultant Rebecca Herold.
In an interview, Herold:
Stresses that healthcare organizations can gain an exemption from the HITECH requirement to report data breaches only if they use specific NIST-approved...