This kind of problem happens to everybody, says Marcus Ranum, CSO of Tenable Network Security, in response to the widely publicized breach at RSA. And maybe hes right. Perhaps this kind of problem does happen to everyone. But should it?
Some physician group practices that already have an electronic health record system are playing a game of "hurry up and wait" when it comes to qualifying for HITECH Act EHR incentive payments and bringing their security plans up to date.
When a database breach occurs, consumer notification continues to be a public problem, and it's time for the federal government to step in, says Linda Foley, co-founder of the non-profit Identity Theft Resource Center.
When the HITECH Act was enacted early in 2009, much was made of its provisions calling for tougher enforcement of the HIPAA privacy and security rules. But we're still waiting for ramped-up enforcement to begin.
Whitehouse Cybersecurity Coordinator Howard Schmidt used wit to share his wisdom about healthcare information security in a rambling, folksy keynote address this week. He stressed that healthcare organizations of all sizes need to take security more seriously.