HIPAA compliance audits will continue next year after the results of this year's pilot program are analyzed, a federal official confirms. And the protocol for the audits could be refined based on the pilot.
The University of Texas MD Anderson Cancer Center is notifying 30,000 patients of a data breach after an unencrypted laptop was stolen from a faculty member's home.
While the U.S. Department of Justice calls the GlaxoSmtihKline resolution the largest healthcare fraud settlement in U.S. history, the case did not involve health data privacy or security issues.
"Without combining relevant data sets impacting the network, security professionals will fail in characterizing threats and targeted intruder activity," says Ed Stoner, a senior Carnegie Mellon researcher.
Learning how alleged fraudsters hacked systems and traded in stolen credit- and debit-card numbers can help organizations take steps to protect their customers' and stakeholders' sensitive information.
In the wake of the Supreme Court ruling, security and privacy leaders need to forge ahead with initiatives that were left in limbo while the court weighed the constitutionality of the healthcare reform law.
The story on how the FBI built its case against Jarand Moen Romtveit in an international carding sting gives IT security practitioners valuable insights on how one individual works in the murky world of hacking.
In what is being called "the largest coordinated international law enforcement action in history directed at carding crimes," 24 suspects have been arrested in a fraud scheme likely involving more than 400,000 accounts.
The UK Information Commissioner's Office has released a new security guide for small and midsized businesses. Simon Rice of the ICO discusses the guide and how to use it to avoid being breached.
Hacktivist attacks are on the rise. So how should organizations respond? ISF researcher Gregory Nowak offers unique advice about the role communications plays when hacktivist threats emerge.
Occupational fraud is quite possibly the largest form of fraud, says John Warren of the ACFE. So how can organizations spot the potential fraudsters and prevent their crimes? Warren shares insights.
The Department of Health and Human Services' Office for Civil Rights has published the official protocol for ongoing HIPAA compliance audits, offering a detailed breakdown of audit procedures.
A new GAO report criticizes HHS for its tardiness in issuing guidance for how to de-identify patient data. The report also calls on HHS to spell out plans for continuing its HIPAA compliance audit program beyond this year.
The Alaska Department of Health and Social Services has agreed to pay $1.7 million to settle a HIPAA case stemming from a relatively small breach. Federal authorities listed numerous security shortcomings at the department, which oversees Medicaid in the state.
Gartner's Tom Scholtz doesn't see a shortage of technically skilled IT security practitioners. But he perceives a dearth of infosec pros who truly understand how security links to an enterprise's business goals.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
