The rush to find qualified IT security professionals to meet current cyberthreats could jeopardize IT systems' security in the not-too-distant future, say two leading IT security experts, Eugene Spafford and Ron Ross.
The Boston Marathon tragedy is yet another reminder to organizations to develop alternative ways to communicate with employees during such emergencies. Otherwise, they could put their organizations' continuity plans at risk.
A substantial prison sentence issued April 10 in a case involving medical ID theft and Medicare fraud calls attention to the need to protect paper, as well as electronic, records.
Adventist Health System faces a class action lawsuit in the wake of a health data theft case that resulted in three guilty pleas. The lawsuit alleges Adventist failed to adequately protect patient information.
As part of their mobile security strategies, healthcare organizations must remember not to neglect issues involved with medical devices used for patient care, says privacy expert Peter Swire, a former presidential adviser.
Business associates and subcontractors that handle protected health information must prepare for audits and enforcement actions under the HIPAA Omnibus Rule, says security expert Susan Lucci.
Improving regulatory compliance and security training, as well as detecting and preventing breaches, are top priorities for 2013, the Healthcare Information Security Today survey shows. Sharp HealthCare CIO Bill Spooner tells why those issues are critical.
The New York eHealth Collaborative is developing a national provider directory to ensure that electronic queries for patient data go to the right place and privacy is protected, says the group's leader, David Whitlinger.
Two insiders at healthcare facilities affiliated with the University of Florida have been arrested in ID theft cases. The breaches were part of a broader ID theft ring, authorities allege, and more arrests are pending.
The Obama administration's proposed budget for HHS includes a hefty increase in funding for the office that runs the HITECH electronic health record incentive program and a smaller budget hike for the HIPAA enforcement unit.
The SEC in 2011 issued staff guidance on disclosure obligations regarding cyber-risks and incidents. Now, Senate Commerce Committee Chairman Jay Rockefeller wants the SEC commissioners themselves to provide the guidance.
An administration spokeswoman says a House committee has made a good-faith effort to address White House concerns about the information-sharing bill, but contends fundamental priorities still haven't been addressed.
To prevent data breaches, healthcare organizations are taking a number of critical steps, including ramping up their use of encryption, the second annual Healthcare Information Security Today Survey shows.
The advocacy group Patient Privacy Rights has co-developed a "trust framework" that IT vendors and their clients can use to help measure compliance with privacy principles. But will it prove practical?
Healthcare organizations need to stop offering what amounts to "HIPAA training light" and instead provide meaningful education on key information security issues, says Daniel Berger, CEO at Redspin.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
