Thor Ryan, chief security officer at the Alaska Department of Health and Social Services, offers lessons learned as a result of his organization's $1.7 million settlement following a HIPAA compliance investigation triggered by a small breach incident.
The information security threat landscape has evolved considerably over the past six years, and it's time that organizations' defenses evolve to match them, says Tom Kellermann of Trend Micro.
A federal agency is offering a free online training program that provides useful insights on protecting information privacy. Learn how this clever training "game" works.
The growth in messaging technologies has fraudsters targeting new channels to attack organizations. Craig Spiezle of the Online Trust Alliance offers tips on how to improve messaging security.
A Twitter posting by an individual claiming to be from the hacktivist collective Anonymous claimed it targeted GoDaddy on Sept. 10, but it wasn't until the following day the company determined its computers were not breached.
Federal authorities have dropped plans to draft regulations setting voluntary "rules of the road," including privacy and security guidelines, for health information exchanges to help pave the way for the national exchange of information.
An individual claiming to be part of Anonymous, the hacktivist group that has targeted big business and government, seems to have taken aim at small businesses by claiming to have disrupted website host GoDaddy.com.
Sen. Susan Collins, who, like President Obama, backs the Cybersecurity Act, cautions the president against issuing an executive order to protect the nation's critical IT, saying it would send an signal that congressional action isn't urgently needed.
You have one shot to get it right. How should organizations prepare properly for a data breach? Experian's Michael Bruemmer outlines four steps to help ensure a smart approach to breach preparation.
Mike Mitchell, who serves as chairman of the PCI Security Standards Council, says mobile is a focus for leaders in the payment security space. So does the PCI Council expect emerging tech to influence the PCI-DSS?
A criminal and public health investigation in New Hampshire involving a former hospital worker who allegedly infected dozens of patients with Hepatitis C is turning into a patient privacy debate.
An advisory panel wants a multi-factor authentication requirement included in Stage 3 of the HITECH Act electronic health record program. Find out under what circumstances that requirement would apply.
Owners of Apple iPad, iPhone and iPod Touch devices whose unique device identifiers might have been exposed in a breach would face little, if any, potential harm as a result.
Consumer advocates are praising many of the privacy and security provisions of the final rules for Stage 2 of the HITECH Act EHR incentive program but lamenting some omissions. Find out the details.
Organizations must carefully consider patch management in the context of overall IT security because it's so important to achieving sound security. Read about NIST's recommendations on how best to implement patch management.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
