In parts of Europe and Asia, privacy legislation took solid steps forward in 2012. In the U.S., however, progress has stalled. Is the U.S. at risk of falling behind when it comes to privacy protection?
Healthcare organizations need to more closely monitor how their business associates protect the security of patient information and step up risk assessments as they prepare to comply with looming HIPAA modifications, says attorney Lisa Sotto.
HIPAA compliance audits will resume within about a year once results of a recently completed pilot program are reviewed, says Leon Rodriguez, director of the Department of Health and Human Services' Office for Civil Rights.
The National Institute of Standards and Technology has published new guidance on generating cryptographic keys to help organizations protect their data with secure keys no matter the type of algorithm they choose.
In this week's breach roundup, read about the latest incidents, including a California state health department breach involving Social Security numbers posted online and an e-mail hack affecting patients in the Carolinas.
A new, private-sector electronic health record certification program will test whether software meets higher security and interoperability requirements than those for the HITECH Act's EHR incentive program.
A federal panel is seeking comments on recommendations for boosting privacy and security requirements for electronic health record modules in the next round of HITECH Act software certification requirements.
From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers?