Many chief information security officers have the business savvy and technical know-how to be their organization's chief information risk officer. But should CISOs assume that extra role?
Federal authorities are warning banking institutions and government agencies about a wave of DDoS attacks that could strike on 9/11. Learn what steps the FBI suggests should be taken to mitigate the threat.
With less than two weeks until the HIPAA Omnibus Rule enforcement date, covered entities and business associates should be finishing a variety of privacy and security compliance tasks.
As the Sept. 23 enforcement deadline for HIPAA Omnibus approaches, an error that many business associates are making is thinking that compliance can be achieved with a simple checklist, says consultant Andrew Hicks.
Special Publication 800-101 Revision 1 is aimed to help organizations develop procedures to deal with the explosion of mobile devices and to prepare specialists to conduct forensically sound examinations.
As security professionals in other business sectors prepare for potential DDoS attacks, here are three important lessons they can learn from the successful defenses in the financial services industry.
Scientists are discovering ways to make quantum key distribution a more cost-effective and efficient way to securely share encryption keys, but there's still a long way to go before the methods can be practically applied.
A class action suit has been filed against Advocate Medical Group following the theft of four unencrypted computers that may have exposed data on 4 million patients. Learn more about the allegations the lawsuit makes.
Even with the latest disclosures of the efforts the National Security Agency goes through to decrypt Internet communications, enterprises can take specific steps to protect their information from prying eyes.
The increasing connectivity of medical devices brings with it growing risk to patients. Security expert Jay Radcliffe describes how medical device makers can enhance the security of their devices.
The NSA, in a highly classified program code-named Bullrun, used supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine encryption, according to a news report.
Lee Kim, the new director of privacy and security at HIMSS, says keeping track of where sensitive data is located, detecting breaches and dealing with insider threats are among the most critical issues.
In his four years as a top DHS cybersecurity policymaker, Bruce McConnell learned that to build trust with the public, the federal government must be more transparent in the way it approaches security and privacy.
In this week's breach roundup, read about the latest incidents, including the FTC filing a complaint against a medical testing laboratory and an update on a Department of Energy breach.
As a result of a recent Supreme Court case, it's doubtful that HIPAA compliance could be directly enforced by U.S. regulators for offshore business associates, says attorney Stephen Wu.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.