The draft legislation would have the Department of Homeland Security conduct risk assessments on critical national IT systems and lead efforts to adopt use of new technologies and practices to keep pace with emerging cyberthreats.
A key to developing a successful data breach prevention, detection and notification program is to gain buy-in from senior management and board members, says Bob Krenek of ExperianÂ® Data Breach Resolution.
Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in building support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.
In the interview, Kennedy:
Emphasizes the role that comprehensive information security...
A new, free HIPAA Security Rule Toolkit is designed to help healthcare organizations conduct a thorough risk assessment, says Kevin Stine, who helped guide the project for the National Institute of Standards and Technology.
Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
Hospitals and physicians that qualify for Stage 1 of the HITECH Act electronic health record incentive program this year will have extra time to comply with Stage 2 requirements, which are expected to include tougher privacy and security guidelines.
Accountable Care Organizations that will be formed to coordinate treatment of some Medicare patients must make HIPAA compliance, including risk assessments, a top priority, says security expert Rebecca Herold.
None of the agencies surveyed by GAO could precisely enumerate the number of IT security personnel they employed. In fact, estimates within agencies varied widely, based on who was reporting and analyzing employment data.