Lawmakers have raised concerns that the Food and Drug Administration hasn't been as forthright as it should in disclosing an October breach that exposed personally identifiable information of 12,000 to 14,000 individuals.
Managers at all levels must understand their responsibilities in providing role-based cybersecurity training, says Patricia Toth, a computer scientist at the National Institute of Standards and Technology.
The HHS Office for Civil Rights, which enforces HIPAA, has some compliance issues of its own to address, according to a new inspector general report. But OCR officials say they've been addressing those matters.
A letter from eight prominent online companies to President Obama and Congress calls for reform of government surveillance programs, outlining concerns about the way the NSA monitors online and telephone communications.
A breach potentially affecting hundreds of thousands of individuals insured by Horizon Blue Cross Blue Shield of New Jersey offers more proof that physical security is no substitute for encryption.
Mobile security is no longer about managing devices, says Ian McWilton of Moka5. The real trick is to secure corporate assets through containerization solutions that reduce costs and improve user experience.
The partial takedown of ZeroAccess, one of the world's largest botnets, is an example of the role that collaboration between business and law enforcement can play in battling cybercrime.
Federal regulators plan to give healthcare providers an extra year to comply with requirements, including enhanced privacy and security measures, for Stage 2 of the HITECH Act electronic health record incentive program.
Healthcare providers and their business associates need to take steps to protect patient data as they would defend any other significant business asset, says David Holtzman, a former senior official at the agency that enforces HIPAA.
The theft of 2 million credentials reminds security professionals that their organizations are at risk because many employees use the same passwords and devices for personal and business purposes, data security lawyer Ronald Raether says.
The IRS system that would allow eligible taxpayers to use refunds to help pay for health insurance under the Affordable Care Act wasn't built to detect fraud, a just-issued audit reveals.
As security leaders continue to have a growing influence with C-suite executives and boards of directors, they need to overcome communication challenges, says IBM's David Jarvis.
The Department of Health and Human Services should make several revisions in its plans for a revamp of the HIPAA accounting of disclosures rule and conduct pilot tests before implementing a final rule, an advisory panel recommends.
Hackers have pilfered some 2 million user passwords and credentials for Facebook and other social media and Internet sites, according to IT security provider Trustwave. The hackers attacked computers in about 100 nations.
The latest FISMA audit of the Department of Homeland Security furnishes fodder for both sides of the argument over whether Congress should codify Obama administration actions that have granted DHS sway over other federal civilian agencies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
