While the 2014 Healthcare Information Security Today survey indicates more healthcare entities are performing HIPAA security risk assessments, smaller providers and business associates are still struggling with this task, says security expert Kate Borten.
Although access to electronic health information is expanding to more users, including patients, many healthcare organizations are still reluctant to use advanced methods of authentication, says Jeff Cobb, CISO at Capella HealthCare.
The Government Accountability Office's Gregory Wilshusen is an empathetic IT security auditor, saying he understands why agencies don't always follow his recommendations. Read why.
The Royal Canadian Mounted Police have arrested and charged a 19-year-old London, Ontario, man for his alleged role in exploiting the Heartbleed vulnerability to steal data from the Canada Revenue Agency website.
Many covered entities are still tackling the challenge of making sure their business associates are HIPAA compliant, says security specialist Andrew Hicks, who analyzes the results of the 2014 Healthcare Information Security Today survey .
Three years ago, trust on the Internet - or the lack thereof - focused, in part, on the faceless hacking groups such as Anonymous and LulzSec. Today, we have a face for this lack of trust, and it looks a lot like Uncle Sam and a Chinese Red Army cybersoldier.
In the wake of recent high-profile retail breaches, the PCI Security Standards Council is supporting a move toward chip card technology that conforms to the Europay, MasterCard, Visa Standard, says General Manager Bob Russo.
Tech companies continue to respond to the Heartbleed vulnerability by issuing alerts and patches to mitigate potential data compromises. Learn the latest advice from Trend Micro and ICSA Labs, plus updates from Rackspace, Akamai and Bitcoin.
Thorough documentation will be more important in the next round of HIPAA compliance audits slated to begin this fall because most will not involve onsite examinations, says privacy attorney Adam Greene.
President Obama has reportedly decided that the government shouldn't exploit encryption flaws, such as Heartbleed, in most instances unless there's "a clear national security or law enforcement need." But how should that need be determined?
CISOs in all sectors are taking steps to mitigate the risks posed by the OpenSSL vulnerability known as the Heartbleed bug. Learn how they're sizing up the situation and taking action.
Malcolm Harkins has a unique role. He oversees both security and privacy for global technology vendor Intel. What tips does he offer individuals who seek to build careers in either discipline - or both?
The HHS Office for Civil Rights will resume its HIPAA compliance audit program this fall with a limited number of narrowly focused "desk audits," plus comprehensive on-site audits "as resources allow."
The Obama administration has issued a policy statement that says businesses sharing cyberthreat information with one another are not violating antitrust laws.
Technology companies Cisco and Juniper Networks have issued alerts about which of their products are vulnerable to the Heartbleed bug. Learn about the latest developments.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
