Healthcare organizations need to assess and mitigate security risks for medical devices just as diligently as they do for other information technology, says Sharon Finney, data security leader at 44-hospital Adventist Health System.
Attacks aimed at mobile devices are progressing much more rapidly than any attacks ever waged against PCs. Organizations are in danger if they don't pay attention, says anti-phishing expert Dave Jevans.
Market demand for patching and add-ons for security could be adversely affecting the way universities are teaching the next generation of cybersecurity professionals, says Professor Eugene Spafford.
New guidance from federal regulators about using the Direct secure messaging protocol for health information exchange will help build trust among those sharing data, says security consultant Tom Walsh.
The Obama administration is intensifying efforts to get the Chinese government to stop hacking activities following a report that designs for many of the nation's most sensitive advanced weapons systems have been compromised by Chinese hackers.
Healthcare organizations need to provide more meaningful education on key information security issues, says Daniel Berger, CEO at Redspin.
The Healthcare Information Security Today survey shows that ramping up training is the No. 1 step organizations plan to take this year to help prevent health data breaches.
The HIPAA Omnibus Rule streamlines the process of obtaining patients' permission for use of their information in medical research projects. Privacy attorney Adam Greene sorts through the details.
Healthcare organizations need to more closely monitor how staff members access patient information to minimize "insider threats" that could compromise privacy or lead to fraud, says security consultant Mac McMillan.
In 2012, Experian® Data Breach Resolution dealt with 1700 breaches - 800 of them in the healthcare sector. What are the common gaps for organizations looking to comply with new HIPAA Omnibus standards?
Consumer advocate Deven McGraw says many provisions in the HIPAA Omnibus Rule, including better breach notification guidance and expansion of HIPAA liability to business associates, will provide substantial benefits to patients.
There's still plenty of confusion about compliance with the HIPAA Omnibus Rule - and HIPAA in general. But regulators and experts clarified some important issues at a conference this week.
A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.
What determines the size of a penalty for HIPAA violations? Find out what Leon Rodriguez, director of the HHS Office for Civil Rights, says are the key factors.
Facing advanced cyber-attacks, organizations must shift their focus to detection and mitigation, says ISACA's Jeff Spivey, who outlines four capabilities necessary for effective response.
Congress is highly unlikely to enact new laws to require industry to adhere to cybersecurity regulations. But that hasn't stopped a fierce debate among lawmakers and security experts on the value of such rules.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.