"Until they personally suffer pain, they don't think it is something that can happen to them," says Eric Cole, an insider threat expert and SANS Institute faculty fellow.
No one knows risk better than the internal auditor, and so no individual has a better opportunity to add risk management value to organizations, says Richard Chambers, president of the Institute of Internal Auditors.
One of the many difficult challenges involved in devising federal regulations governing the privacy and security of personal health records is that so many different flavors of PHRs exist.
Community hospitals must become more vigilant about information security, especially as they apply for federal electronic health records incentive payments, says Chuck Christian, CIO at Good Samaritan Hospital in Vincennes, Ind.
This week's top news and views: Senate Passes Red Flags Exemptions; Health Info Security: Much to be Done; Verizon's Authentication Plans. And don't miss our audio week-in-review podcast by Howard Anderson, managing editor.
How can you recognize the intent of your colleague and perhaps prevent him from manifesting as a true insider threat? Blogger Upasana Gupta provides the answer.
The leader of a pilot project for the health record bank model describes how it enables patients to control who accesses their electronic health records.
A workgroup that's going back to the drawing board to devise recommendations for a governance body to oversee health information exchanges is seeking advice as it weighs options.
A new Federal Trade Commission privacy report endorses implementation of a "do not track" mechanism so consumers can choose whether to allow the collection of data regarding their online searching and browsing activities.
The Senate, by unanimous consent, on Tuesday approved legislation that its sponsors say would exempt "small businesses," including physician practices, from the Identity Theft Red Flags Rule.
The recent WikiLeaks release of thousands of sensitive government documents puts security leaders on notice: The breach threat is real, and no organization is immune.
When Southwest Washington Medical Center in Vancouver, Wash., introduced free wireless Internet access for patients and guests, it used a "defense-in-depth" strategy to address security issues, says Christopher Paidhrin, IT security compliance officer.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
