Today's advanced threats are no secret. Focusing the correct resources on them is the true challenge, says Will Irace of General Dynamics Fidelis Cybersecurity Solutions. He offers tips for harnessing the right skills and technology.
HHS proposes that state insurance exchanges report data breaches within one hour after discovering them. CIO Curt Kwak of the Washington state exchange explains why compliance with such a rule would be challenging.
Consolidating Microsoft Active Directory isn't just a technical challenge, but a personnel one as well. Just ask Johnson Matthey's Steve Way, who had to calm dozens of administrators he labels as "masters of their own universe."
As organizations use social media to grow their online presence, questions of ownership become an increasing concern, says Alan Brill of Kroll, who advises organizations on how to mitigate risks.
One of the biggest influences on Phyllis Schneck, the new Homeland Security deputy undersecretary for cybersecurity, is her father, Paul Schneck, an internationally accomplished computer scientist.
Version 3.0 of the PCI Data Security Standard is coming, and draft guidelines reflect the impact of recent retail breaches. PCI GM Bob Russo explains big changes to ensuring payment card security.
As new state health insurance exchanges gear up for open enrollment Oct. 1, privacy expert Chris Rasmussen asks whether regulators will miss the deadline for a risk analysis of a key data services hub.
IBM announces plans to buy anti-fraud detection company Trusteer. Security technology formerly the province of financial services organizations is now hitting the broader enterprise market.
Bruce McConnell, who just stepped down as one of the federal government's top cybersecurity policymakers, says he understands why some lawmakers don't trust DHS with significant authority to safeguard government IT.
While organizations wait for possible cyberthreat intelligence sharing legislation, the community is proactively working to share valuable information among different industries, says MS-ISAC Chairman Will Pelgrin.
The Food & Drug Administration has issued new guidance on the radio frequency of wireless medical devices, including recommending authentication and encryption for reducing patient safety risks.
Breaches are expensive, embarrassing and entice additional scrutiny from regulators and consumers alike. By taking eight key steps, you can protect private information and lessen the impact of breaches when they occur.
Under HIPAA Omnibus, business associates and subcontractors are liable for compliance, including penalties for data breaches. But what happens if those vendors are located outside the U.S.?
Although OCR has changed its standard for determining breaches under HIPAA Omnibus to a more objective assessment, it's still unclear whether the previous harm standard is truly a thing of the past.
This latest HIPAA breach settlement serves as a costly reminder that healthcare organizations must ensure they properly remove or destroy protected health information from all gear prior to disposal.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.