Many healthcare organizations are ramping up their use of mobile devices before they have appropriate privacy and security policies, procedures and technologies in place, some experts say.
The White House Office of Management and Budget, in its yearly Federal Information Security Management Act report to Congress, gives departments and agencies mixed grades in their efforts to secure federal IT for fiscal year 2011.
Jason Clark, CSO of Websense, has spent a significant amount of time meeting with over 400 CSOs. From his interactions, Clark offers his advice on how chief information security officers can be more effective.
Cloud security - everybody is talking about it, but what's actually being done? Becky Swain, founding member of the Cloud Security Alliance, discusses transparency, compliance and a new mobile initiative.
Protecting the availability, confidentiality and integrity of information are the core tenets of IT security. But an FBI cybersecurity leader, Steve Chabinsky, suggests the central theme of IT security needs to be broadened to include assurance and attribution.
The news that BlueCross and BlueShield of Tennessee paid a $1.5 million penalty following a massive breach incident could signal the start of a new era of enforcement.
The rise in hacktivism and data breaches changed the information security landscape. These incidents also influenced the content of RSA Conference 2012, says Hugh Thompson, event program committee chair.
In the weeks following last year's TRICARE health information breach, some of the 4.9 million beneficiaries affected became victims of financial fraud, an amended class action lawsuit states.
Mark Weatherford, the new Homeland Security deputy undersecretary for cybersecurity, spells out his priorities, including building closer relationships with the CISOs of various government agencies.
Cloud-computing service provider contracts, for most businesses and government customers, are take-it-or-leave it propositions, so organizations must approach a services agreement cautiously, IT security lawyer Françoise Gilbert says.
One important reason why encryption is not more broadly used in healthcare is that many organizations lack an updated risk assessment, says attorney Amy Leopard.
Patients in western New York soon will test-drive a tablet-based application designed to educate them about their choices in granting consent to have their records exchanged among providers.
Earlier this month, I had the chance to attend RSA Conference 2012, which always reminds me how fluid our industry is, and how important it is to stay educated and abreast of change.
Some organizations proudly tout their privacy protection policies. Others, such as The Everett Clinic in Washington state, actually enforce their policies with bold action.
NIST's latest guidance adds controls that reflect the rapidly changing computing environment, but the fundamentals of implementing controls haven't changed, Senior Fellow Ross says in a video interview.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
