New guidance from federal regulators about using the Direct secure messaging protocol for health information exchange will help build trust among those sharing data, says security consultant Tom Walsh.
The Obama administration is intensifying efforts to get the Chinese government to stop hacking activities following a report that designs for many of the nation's most sensitive advanced weapons systems have been compromised by Chinese hackers.
Healthcare organizations need to provide more meaningful education on key information security issues, says Daniel Berger, CEO at Redspin.
The Healthcare Information Security Today survey shows that ramping up training is the No. 1 step organizations plan to take this year to help prevent health data breaches.
Healthcare organizations need to more closely monitor how staff members access patient information to minimize "insider threats" that could compromise privacy or lead to fraud, says security consultant Mac McMillan.
In 2012, ExperianÂ® Data Breach Resolution dealt with 1700 breaches - 800 of them in the healthcare sector. What are the common gaps for organizations looking to comply with new HIPAA Omnibus standards?
Consumer advocate Deven McGraw says many provisions in the HIPAA Omnibus Rule, including better breach notification guidance and expansion of HIPAA liability to business associates, will provide substantial benefits to patients.
A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.
Congress is highly unlikely to enact new laws to require industry to adhere to cybersecurity regulations. But that hasn't stopped a fierce debate among lawmakers and security experts on the value of such rules.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
A $400,000 federal penalty stemming from the investigation of a breach at a clinic owned by Idaho State University is the latest example of how even relatively small security incidents can trigger hefty sanctions.