The 9/11 Commission, in its 10th anniversary report, cautions Americans and the U.S. government to treat cyberthreats more seriously than they did terrorist threats in the days and weeks before Sept. 11, 2001.
Effective risk management requires involvement of an organization's top leader; the resignation of Eric Shinseki as secretary of Veterans Affairs means that the VA likely will continue to struggle to comply with federal requirements for IT security.
As federal regulators weigh changes in the requirements for the HITECH Act electronic health record financial incentive program, it's essential that they adequately address privacy and security issues.
As federal regulators reveal details for the next phase of HIPAA compliance audits, security and privacy experts give the plan mixed reviews. Find out what experts like and don't like about the proposals.
The Government Accountability Office's Gregory Wilshusen is an empathetic IT security auditor, saying he understands why agencies don't always follow his recommendations. Read why.
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
The HHS Office for Civil Rights will resume its HIPAA compliance audit program this fall with a limited number of narrowly focused "desk audits," plus comprehensive on-site audits "as resources allow."
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
If Congress fails to enact a national breach notification law, the Obama administration could develop a set of voluntary best practices along the lines of its new cybersecurity framework.
Privacy notices are largely boring, confusing and ignored by patients. But federal regulators are holding a contest to spur development of patient-friendly, understandable notices to post online.
Here's a sampling of the many sessions at RSA 2014 that will provide timely insights for security specialists in the government sector on such topics as vetting foreign technologies and implementing the new cybersecurity framework.
In the quest to prevent data breaches, healthcare providers should take advantage of the free privacy and security resources available from federal regulators. Find out about the most popular guides offered.
Because of increasing cyber-attacks against government agencies, the inspector general says it's crucial for the State Department to address the continuing weaknesses in its information security program.
Federal agencies audited by the Government Accountability Office showed inconsistent responses to computer breaches involving personally identifiable information.
A combination of technical and managerial problems set the stage for hackers to breach a Department of Energy database last summer, a new report shows. The incident cost the department millions of dollars.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.