The line between national security and civilian systems is a blurry one, says Franklin Reeder, a former OMB executive, who co-authored a report identifying ways to cross the line to defend both.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
The increase since 2006 in the number of IT security terms found in a new NIST glossary shows the importance of information security in the way we conduct business today.
A new training and testing program is being developed for a credential certifying expertise in healthcare information security. Learn why ISC2 and HITRUST are working together on the project.
The Walgreens drugstore chain will pay $16.6 million to settle a California case involving improper disposal of hazardous waste, as well as certain confidential patient information, in dumpsters near their stores.
In parts of Europe and Asia, privacy legislation took solid steps forward in 2012. In the U.S., however, progress has stalled. Is the U.S. at risk of falling behind when it comes to privacy protection?
A new Congress - the 113th - comes to Washington in January, and the battles over IT security begin anew. Here's my take on how cybersecurity will take shape in 2013.
Healthcare organizations need to more closely monitor how their business associates protect the security of patient information and step up risk assessments as they prepare to comply with looming HIPAA modifications, says attorney Lisa Sotto.
HIPAA compliance audits will resume within about a year once results of a recently completed pilot program are reviewed, says Leon Rodriguez, director of the Department of Health and Human Services' Office for Civil Rights.
The National Institute of Standards and Technology has published new guidance on generating cryptographic keys to help organizations protect their data with secure keys no matter the type of algorithm they choose.
In this week's breach roundup, read about the latest incidents, including a California state health department breach involving Social Security numbers posted online and an e-mail hack affecting patients in the Carolinas.
A new, private-sector electronic health record certification program will test whether software meets higher security and interoperability requirements than those for the HITECH Act's EHR incentive program.
While unveiling a new online resource offering mobile device privacy and security tips to help prevent health data breaches, HHS officials also stress the need for annual risk assessments.
It's as much about people as it is technology for organizations to successfully implement a continuous monitoring program, says George Schu, senior vice president at Booz Allen Hamilton.
Looking for a holiday gift for your boss who doesn't quite understand information security lingo? The National Institute of Standards and Technology has one you can give, and it's free.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
