Picture it: Hackers worming their way into user accounts to rig hospital medication dispensers, operating room heating systems and medical devices to wreak havoc and potentially even to kill patients.
University of Pittsburgh Medical Center is replacing its decade-old identity management system with a new system that can better tackle emerging risks, says John Houston, UPMC's security and privacy leader.
Too many healthcare organizations conduct a HIPAA compliance assessment instead of a comprehensive risk analysis, says security specialist Dave Newell, who also points out other common mistakes.
The HIPAA Omnibus Rule could play an important role in improving the security of medical devices that store patient data, says an official with the agency that enforces HIPAA. Find out what part the rule could play.
Authenticating appropriate network administrators and employees has become increasingly challenging, especially for healthcare organizations and regional banking institutions, says Tim Ager of Celestix.
Business line managers are in better positions to control and monitor network and system access privileges than IT departments, since they know their employees and the privileges they should be provided, says Bill Evans of Dell Software.
Although the HIPAA Omnibus Rule is a step in the right direction for protecting health information, the regulation still leaves large privacy gaps, says patient advocate Deborah Peel, M.D.
We now have seen three waves of DDoS attacks on U.S. banks, and Dan Holden of Arbor Networks says we have seen three distinct shifts in these incidents. What can we expect going forward?
As the banking industry gets better at defending itself against security threats, cybercriminals will focus more of their attention on stealing data from the healthcare industry, predicts cybercrime expert Bill Fox.
Preparing for compliance with the privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act electronic health record incentive program go hand-in-hand, says federal privacy officer Joy Pritts.
Patient portals can fulfill some regulatory requirements related to providing individuals with electronic access to their medical records. But privacy and security concerns must be addressed, two experts say.
Mobile malware, jailbroken devices and unpatched systems are three of the top security threats to mobile workers. How can organizations mitigate the risks? Dave Jevans of Marble Security offers tips.
To improve security and increase workforce productivity across an enterprise, a set of integrated capabilities is needed, says Corey Williams, senior director of product management at Centrify.
Because data stored in a cloud-based "sandbox" environment for testing purposes is vulnerable, it should be masked to protect sensitive information, says Karen Hsu of Informatica.
The growth in cloud computing and mobility is creating a need for a streamlined, centralized process for managing user authentication, says Sarah Fender of PhoneFactor.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
