Federal authorities are launching several pilots to test metadata standards that could help pave the way for secure nationwide electronic health information exchange.
Because social media pose significant risks to patient privacy, healthcare organizations need to develop detailed social media policies. But unfortunately, many organizations have yet to take that action.
The Health Information Trust Alliance plans to enhance its Common Security Framework, a free regulatory compliance guide, by December 2012 to address privacy issues as well.
A Georgia man has entered a guilty plea in a hacking case that involved freezing the computer operations of a pharmaceutical company earlier this year.
"Veterans should have consistent and convenient access to reliable VA information real time using social media, whether on a smartphone or a computer," Secretary of Veterans Affairs Eric Shinseki says.
Healthcare organizations entering cloud computing contracts should carefully consider whether they need additional liability insurance coverage to address the risks involved, says IT consultant Gerard Nussbaum.
A federal proposal to require healthcare organizations to provide patients with access reports listing everyone who has electronically viewed their information is impractical, says Dan Rode of the American Health Information Management Association.
A hospital CIO calls for studies of how best to match patients to their records, citing the issue as critical to the success of health information exchanges.
Though IT business application functions and security-focused practices are expected to be integrated as a single process, secure configuration is the management and control of configurations for information systems to enable security and facilitate the management of information security risk.
Before negotiating a contract with a cloud computing vendor, organizations should ask plenty of questions about privacy and security, says consultant Chris Witt.
As far as Dr. Giles Hogben of ENISA is concerned, now might be the golden opportunity for information security experts to influence the security and privacy measures that may help define Internet safety for the next decade or beyond.
Bob Russo says the long-awaited PCI guidance on tokenization should provide merchants with a baseline for standardization and best practices, and serve as a roadmap for how tokenization can complement compliance with the PCI-DSS.
Do patients really want to know the identity of every doctor, nurse, technician, intern, specialist, admin and consulting physician who ever viewed their records?
"There are still a lot of inexperienced people out there that are passing themselves off as experts," says Scott Laliberte, managing director of Protiviti, outlining the common challenges of penetration testing.
As fraud continues to evolve and affect financial institutions, careers are plentiful for fraud-fighting professionals, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
