John Houston, CISO at University of Pittsburgh Medical Center, is keeping his eye on emerging threats, including the risks tied to medical devices linked to networks and the potential for DDoS attacks to spread to healthcare.
A new advisory panel will help federal regulators craft a risk-based regulatory framework aimed at ensuring patient safety as the use of EHRs, wireless medical devices and other health IT continues to expand.
Security firm Mandiant recently released a widely publicized report detailing cyber-espionage activity originating in China. Mandiant Director Charles Carmakal discusses the latest nation-state threats.
NIST's Ron Ross, a big NASCAR fan, likens new security controls guidance to the tools race-car builders use to prevent drivers from breaking their necks when crashing into a brick wall at 200 miles an hour.
The privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act EHR incentive program "dovetail together quite nicely," says federal privacy officer Joy Pritts, who offers compliance tips.
NIST's Donna Dodson is leading a federal government effort to take hundreds of suggestions from the private sector to create an IT security best practices framework that critical infrastructure operators could voluntarily adopt.
Although there have not yet been any confirmed reports of financial fraud associated with a major data breach at the Utah Department of Health last year, the potential for costly fraud is huge, contends Al Pascual of Javelin Strategy and Research.
A Senate panel approved a bill to strengthen e-mail privacy protections despite concerns expressed by the head of the Securities and Exchange Commission that the legislation could hinder investigations.