A federal audit of three California Medi-Cal (Medicaid) managed care organizations found dozens of "high risk" security control vulnerabilities. But security experts say the problems identified, unfortunately, are common throughout the healthcare sector.
With the heightening of the threat of cyber-attacks to America's critical infrastructure, a congressional watchdog says federal agencies need to adopt better metrics to determine the risks specific to the industries they monitor.
A government audit of Internal Revenue Service financial statements reveals deficiencies in internal information security controls, including missing security updates, insufficient audit trails and monitoring for certain key systems and use of weak passwords.
Gregory Wilshusen discusses the path he followed to his job as the government's lead information security auditor and the skills needed to be an InfoSec auditor.
Too often, individuals who fail to take the proper steps to secure IT aren't punished for their reckless behavior. But should those who consistently fail to follow safe cyber hygiene be severely penalized for repeatedly falling for phishing attacks?
The human element has been referred to as the weakest link in the security chain. Do advances in applying analytics to human behavior hold the key to reducing risks?
If the Chinese government hacked the U.S. Office of Personnel Management for espionage purposes, then the U.S. government's $133 million contract to provide ID theft monitoring services is a waste of money. Instead, the agency could have used the funds to safeguard its systems against future attacks.
Statements issued by the United States and China give a different take on cybersecurity talks scheduled to take place next week between presidents Barack Obama and Xi Jingling.
To prepare for next year's resumption of HIPAA compliance audits, organizations must be ready to demonstrate how they're complying with the revised breach notification rule and how they're providing patients with electronic access to records, says attorney David Holtzman.
BlackBerry plans to buy mobile device management rival Good Technology for $425 million. BlackBerry must prep for a future in which it no longer manufactures hardware - and that's why this deal makes sense.
In her first interview since joining the HHS Office for Civil Rights as deputy director of health information privacy, Deven McGraw describes plans to relaunch HIPAA compliance audits next year and outlines other priorities.
The HHS Office for Civil Rights is getting closer to resuming the HIPAA compliance audit program, says OCR Director Jocelyn Samuels. Plus, OCR has completed another major breach-related settlement, and it's firming up plans for several new compliance-related initiatives.
An inspector general's memo that highlights three significant information security deficiencies that have plagued the U.S. Department of Labor for the past five years points out problems that most federal agencies confront.
The outrage directed at Oracle Corp.'s security chief after a recent blog post in which she scolded third parties who scan the company's software looking for security flaws had a familiar ring: Do medical device makers have a similar cybersecurity attitude?
The Ashley Madison dating website hack and threatened data release is a perfect illustration of the perils - and promise - of our Internet-connected, hacktivist age, whether it comes to online dating or the Internet of Things.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.