To comply with the HIPAA Omnibus Rule, business associates and their subcontractors must immediately take several steps, including thoroughly documenting their privacy and security practices, says security expert Susan Lucci.
Two more cases of identity theft at hospitals shine a light on how patient information can be stolen to commit fraud. But healthcare organizations can take steps to help prevent these kinds of breaches.
Several consumer advocates say they're pleased that the HIPAA Omnibus Rule strengthens patient privacy protections and helps ensure patients can obtain their records. Learn about what they like - and dislike - in the rule.
In the aftermath of a data breach last year that affected 780,000 individuals, Utah legislators are considering a bill that would mandate state agencies identify and implement best practices for protecting data.
Privacy and security leaders, including John Houston at University of Pittsburgh Medical Center, are evaluating the changes needed to comply with the HIPAA omnibus final rule. Find out what's on their to-do lists.
Using technology to prevent breaches is insufficient. Security leaders also must address the human factor, making sure staff members receive appropriate training on clear-cut policies - before it's too late.
Managing advanced persistent threats will be a priority throughout 2013, says RSA CISO Eddie Schwartz. How should organizations defend themselves against APTs and the year's other top security threats?
"We're going to have to find a way to address the interests of other states to ... find common ground," Secretary of State John Kerry says. "We're just going to have to dig into it a lot deeper. I don't have a magic silver bullet to throw at you here today."