As the Office of the National Coordinator for Health IT thinks through care models and broader issues of big data, Karen DeSalvo, head of the office, says it's striving to ensure privacy and security for patients.
Continuous monitoring is helping Freddie Mac reduce the number of security controls it uses to safeguard its information systems, says CISO Patricia Titus, who summarizes lessons that can apply to government and private-sector entities.
A second economic espionage campaign has been tied to a Chinese military hacking team. But does that attribution help businesses, or just highlight security firms battling for government cybersecurity spending?
When NIST issued "Guidelines on Cell Phone Forensics" in May 2007, Apple's introduction of the iPhone was a month away. Seven years later, NIST is revising its guidance and giving it a new moniker, "Guidelines on Mobile Device Forensics."
A call center worker at the Connecticut health insurance exchange loses a backpack containing notepads containing sensitive consumer information. Investigators want to know why the paper-based information left the building.
A federal advisory panel has taken a small step toward establishing voluntary electronic health records software certification requirements designed to help pave the way for securely exchanging behavioral health information.
During a video interview with Information Security Media Group, FireEye's SVP and COO, Kevin Mandia, details the three stages of advanced threats; attractive nuisances, criminal activity, and nation-state activities.
During a video interview with Information Security Media Group, FireEye's David DeWalt, CEO, and Kevin Mandia, SVP and COO, discuss the new security model, and how to effectively prevent against cyber-threats.
Imagine a cyber-attack that disables an electricity distribution center. What's the role of the U.S. military, government or the utility company in defending and retaliating? That's a question on the mind of Army Col. Gregory Conti.
Florida's recent rollout of knowledge-based authentication in the application process for various benefits programs, including Medicaid, is already helping to crack down on ID theft and fraud, says Andrew McClenahan, who heads the effort.
For the next round of HIPAA compliance audits that begins this all, organizations need to prepare documentation that can speak for itself, because unlike the pilot program, there will be no onsite visits, says privacy attorney Adam Greene.
The Office of the National Coordinator for Health IT has unveiled its 10-year plan for achieving an interoperable, nationwide health IT infrastructure. The plan includes privacy and security among five core building blocks.