New guidance from federal regulators about using the Direct secure messaging protocol for health information exchange will help build trust among those sharing data, says security consultant Tom Walsh.
The Obama administration is intensifying efforts to get the Chinese government to stop hacking activities following a report that designs for many of the nation's most sensitive advanced weapons systems have been compromised by Chinese hackers.
Healthcare organizations need to provide more meaningful education on key information security issues, says Daniel Berger, CEO at Redspin.
The Healthcare Information Security Today survey shows that ramping up training is the No. 1 step organizations plan to take this year to help prevent health data breaches.
The HIPAA Omnibus Rule streamlines the process of obtaining patients' permission for use of their information in medical research projects. Privacy attorney Adam Greene sorts through the details.
Healthcare organizations need to more closely monitor how staff members access patient information to minimize "insider threats" that could compromise privacy or lead to fraud, says security consultant Mac McMillan.
In 2012, Experian® Data Breach Resolution dealt with 1700 breaches - 800 of them in the healthcare sector. What are the common gaps for organizations looking to comply with new HIPAA Omnibus standards?
Consumer advocate Deven McGraw says many provisions in the HIPAA Omnibus Rule, including better breach notification guidance and expansion of HIPAA liability to business associates, will provide substantial benefits to patients.
There's still plenty of confusion about compliance with the HIPAA Omnibus Rule - and HIPAA in general. But regulators and experts clarified some important issues at a conference this week.
A House panel establishes a bipartisan supply chain working group to explore the federal government's role in helping industry assure that IT and telecommunications wares they buy abroad are safe from exploits.
What determines the size of a penalty for HIPAA violations? Find out what Leon Rodriguez, director of the HHS Office for Civil Rights, says are the key factors.
Facing advanced cyber-attacks, organizations must shift their focus to detection and mitigation, says ISACA's Jeff Spivey, who outlines four capabilities necessary for effective response.
Congress is highly unlikely to enact new laws to require industry to adhere to cybersecurity regulations. But that hasn't stopped a fierce debate among lawmakers and security experts on the value of such rules.
NIST's Ron Ross sees the cloud as helping to reduce the complexity of keeping data secure. But security expert Eugene Spafford of Purdue University offers a different viewpoint in the first part of a two-part joint interview.
A $400,000 federal penalty stemming from the investigation of a breach at a clinic owned by Idaho State University is the latest example of how even relatively small security incidents can trigger hefty sanctions.
When it resumes, the HIPAA compliance audit program will be more focused in terms of what's evaluated but will encompass a broader range of organizations, says Verne Rinker of the HHS Office for Civil Rights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
