A combination of technical and managerial problems set the stage for hackers to breach a Department of Energy database last summer, a new report shows. The incident cost the department millions of dollars.
Receiving a notification letter about a data breach brings home the reality of just how common these incidents are - and how much prevention work, including encryption, still needs to be done.
The latest FISMA audit of the Department of Homeland Security furnishes fodder for both sides of the argument over whether Congress should codify Obama administration actions that have granted DHS sway over other federal civilian agencies.
Federal advisers heard concerns from healthcare providers, EHR software vendors and others this week about the cost and impracticality of a proposed requirement to offer patients an access report listing caregivers who had viewed their records.
Federal regulators plan to launch a permanent HIPAA compliance audit program in 2014 that targets a larger number of organizations but covers a narrower scope of issues. Learn the details the nation's top HIPAA enforcer revealed.
Medical ID theft can be prevented by improving awareness of the threat among consumers and boosting detection by healthcare organizations, according to a new report. Learn about key recommendations.
IT security pros see metrics as a useful tool to validate operational performance. But many organizations' top leaders evaluate security on cost. It's time to bridge that gap.
Significant security flaws involving access, configuration-management and continuous-monitoring controls have been identified in a new Inspector General audit of Veterans Affairs' IT systems.
Intermountain Healthcare deserves praise for its gutsy leadership on information security. It's calling attention to the value of thorough risk assessments, acknowledging its need to improve security and developing best practices to share.
An inspector general's audit of the Department of Veterans Affairs will highlight security control deficiencies in four key areas. Inconsistent enforcement of programs is a major concern.
There's still plenty of confusion about compliance with the HIPAA Omnibus Rule - and HIPAA in general. But regulators and experts clarified some important issues at a conference this week.
The OWASP Top Ten list of security risks was created more than a decade ago to be the start of an industry standard that could bootstrap the legal system into encouraging more secure software. Here are the 2013 updates.
A recent $1 million cyberheist at a county hospital illustrates why healthcare organizations must pay attention to securing financial as well as clinical data - and educate staff about how to recognize phishing e-mails.
A 143-point drop in the Dow Jones Industrial Average proves the power of social media and the havoc it can cause when an account gets hacked. It's time for social media companies to tighten the authentication process.
The UK government pledges at Infosecurity Europe to help businesses improve cybersecurity. But it's going to take more than vouchers and training to address Europe's top threats to security and privacy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.