Embedding some information security practitioners within business units could help improve IT security awareness in many enterprises, reducing security risk, says Steve Durbin, global vice president of the Information Security Forum.
Conventional wisdom dictates that the high demand for IT security practitioner would cause salaries to rise, perhaps significantly. But a new study by SANS shows only a slight fattening of paychecks for many IT security professionals.
As the HHS Office for Civil Rights ramps up HIPAA enforcement activities, a key leader of the agency's HIPAA initiatives has retired, and the director of the agency may soon be leaving as well. Find out the very latest details.
A judge has dismissed most of the claims in a consolidated class action lawsuit stemming from the 2011 data breach involving SAIC and the military health program TRICARE, which affected 4.9 million individuals.
To address new features and new threats, the National Institute of Standards and Technology has revised its guidance for transport layer protocol. Learn about the recommendations for protecting data during transmission.
The chairman of a House committee has requested that the GAO conduct "end-to-end testing" of the HealthCare.gov website for Obamacare, greatly expanding GAO's security review plans. But federal officials say extensive testing of the site is ongoing.
Today's cybercriminals are perfecting the use of advanced-persistent-threat attacks to pilfer valuable information from precisely targeted victims, says Greg Day of security provider FireEye.
Timely analysis of data residing in an organization's information systems is a critical element of IT security, say Haiyan Song and Joe Goldberg of the security firm Splunk.
Federal regulators are considering whether data segmentation technology that protects sensitive patient information when it's exchanged should be required for electronic health record software certified for the HITECH Act incentive program.
Leading this week's industry news roundup, FireEye has announced plans to acquire nPulse Technologies, which offers a network forensics solution, while CA Technologies joins the FIDO Alliance, which is developing authentication standards.
With a second House panel approving the USA Freedom Act, Congress moves a step closer to sending the president a bill to limit the government's bulk metadata collection program, the Center for Democracy and Technology's Harley Geiger says.
"Security as a business enabler" was the mantra echoing through the recently concluded 2014 Infosecurity Europe conference in London, a message that should have been heeded by top executives at retailer Target last year.
Federal regulators have issued a $4.8 million sanction, the largest HIPAA settlement to date, against two partnering New York healthcare organizations following a breach affecting just 6,800 individuals. Learn the details behind the tough penalty.
A data breach involving an insider at UMass Memorial Medical Center, which may date back a dozen years, illustrates how difficult it can be to detect inappropriate access to patient records. Find out what tips security experts offer.
As the number of cybersecurity incidents increase, departments and agencies are doing a better job of complying with the law that governs IT security in the U.S. federal government, a new report to Congress from the White House says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.