Collecting massive amounts of data on individuals, whether in the government or private sector, has become the norm in our society. It's not quite Orwellian, but it's a situation we might have to learn to live with.
As they develop mitigation strategies, organizations must keep in mind that all cyber-attacks, ranging from DDoS to phishing, ultimately aim to compromise data - and they virtually all are advanced and persistent.
With promises of ramped up HIPAA enforcement by federal regulators, and changes in the breach notification rule under the HIPAA Omnibus Rule, it's time for organizations to get serious about insider risks.
Making broader use of encryption is an important breach prevention strategy. But what's the best way to set encryption priorities? CISO Eric Cowperthwaite explains how a risk assessment plays a vital role.
In a question and answer session, an FDA official confirms the agency is evaluating how it reviews medical device vulnerabilities and discusses ways that healthcare organizations, vendors and consumers can address security threats.
How can smaller healthcare organizations determine whether a vendor is a business associate or subcontractor directly liable for compliance under the new HIPAA Omnibus Rule? Regulatory expert Marjorie Satinsky explains.