When creating a patient portal that provides access to electronic health records, healthcare organizations must educate patients about the need for authenticating their identities, says Sharp Healthcare CIO Bill Spooner.
What's the best strategy for communications after a data breach, like the one suffered by Global Payments Inc.? Bob Carr, CEO of Heartland Payment Systems, discusses what to say in the weeks following a breach.
Memorial Healthcare System in Hollywood, Fla., is notifying about 9,500 patients that two fired employees may have inappropriately accessed their personal information with the intent to process fraudulent tax returns.
What's the best way to win a CEO's support for greater information security investments? Consultant Eric Mueller advises IT security professionals to spell out the business impact of inadequate security.
"Regulation drives spending," says George Tubin of GT Advisors. "You're in a situation where the regulators are telling you, 'You have to do something; you have to make improvements.' Therefore, the bank has to spend some money on technology."
To respond to a security incident, an organization must first be aware of it. But too many intrusions go undetected, says Rob Lee of SANS Institute. That's the first problem that needs to be addressed.