If Congress fails to enact a national breach notification law, the Obama administration could develop a set of voluntary best practices along the lines of its new cybersecurity framework.
Privacy notices are largely boring, confusing and ignored by patients. But federal regulators are holding a contest to spur development of patient-friendly, understandable notices to post online.
Here's a sampling of the many sessions at RSA 2014 that will provide timely insights for security specialists in the government sector on such topics as vetting foreign technologies and implementing the new cybersecurity framework.
In the quest to prevent data breaches, healthcare providers should take advantage of the free privacy and security resources available from federal regulators. Find out about the most popular guides offered.
Because of increasing cyber-attacks against government agencies, the inspector general says it's crucial for the State Department to address the continuing weaknesses in its information security program.
Federal agencies audited by the Government Accountability Office showed inconsistent responses to computer breaches involving personally identifiable information.
A combination of technical and managerial problems set the stage for hackers to breach a Department of Energy database last summer, a new report shows. The incident cost the department millions of dollars.
Receiving a notification letter about a data breach brings home the reality of just how common these incidents are - and how much prevention work, including encryption, still needs to be done.
The latest FISMA audit of the Department of Homeland Security furnishes fodder for both sides of the argument over whether Congress should codify Obama administration actions that have granted DHS sway over other federal civilian agencies.
Federal advisers heard concerns from healthcare providers, EHR software vendors and others this week about the cost and impracticality of a proposed requirement to offer patients an access report listing caregivers who had viewed their records.
Federal regulators plan to launch a permanent HIPAA compliance audit program in 2014 that targets a larger number of organizations but covers a narrower scope of issues. Learn the details the nation's top HIPAA enforcer revealed.
Medical ID theft can be prevented by improving awareness of the threat among consumers and boosting detection by healthcare organizations, according to a new report. Learn about key recommendations.
IT security pros see metrics as a useful tool to validate operational performance. But many organizations' top leaders evaluate security on cost. It's time to bridge that gap.
Significant security flaws involving access, configuration-management and continuous-monitoring controls have been identified in a new Inspector General audit of Veterans Affairs' IT systems.
Intermountain Healthcare deserves praise for its gutsy leadership on information security. It's calling attention to the value of thorough risk assessments, acknowledging its need to improve security and developing best practices to share.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
