Events such as Superstorm Sandy provide an opportunity for business continuity pros to shine. What are the essential skills they need to face a crisis? Disaster recovery expert Regina Phelps offers her list.
To back up massive diagnostic imaging files, more healthcare organizations are turning to archiving in the cloud as part of their business continuity and disaster recovery efforts. How are they addressing security?
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
In this week's breach roundup, read about the latest incidents, including three healthcare breaches involving missing devices. The largest affected 116,000 patients served by Alere Home Monitoring in Waltham, Mass.
Several legal experts say new federal guidance fleshes out details about how healthcare organizations should de-identify patient data aggregated for research. But one privacy advocate says the guidance is inadequate.
Inspector General Patrick Malley deems as inadequate the existing approach to state IT security governance that resulted in a breach last summer of a Department of Revenue tax system, which exposed the Social Security numbers of nearly 4 million taxpayers.
McAfee CPO Michelle Dennedy and Intel CISO Malcolm Harkins work for the same company, but in some ways they are worlds apart. How must privacy and security leaders bridge gaps to face challenges ahead?
President Obama has proclaimed December as Critical Infrastructure Protection and Resilience Month, and is using that declaration to continue his campaign to get Congress to enact comprehensive cybersecurity legislation.
Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
A new report says the Department of Health and Human Services must improve oversight of the HITECH Act's EHR incentive program, so that providers show better proof of compliance, including risk assessments.