Establishing an effective security incident response program is a key component of an information risk management strategy. And NIST has issued draft guidelines to help organizations implement such a program.
Rep. Dan Lungren, the bill's chief sponsor, contends the regulatory approach taken by his bill would be less intrusive on the private sector than proposed Senate legislation and a plan by President Obama.
Organizations that have experienced a breach report that three lessons they learned were to limit the amount of personal information collected, limit sharing data with third parties and limit the amount of data stored, a new survey shows.
The uproar over Google's latest privacy policy is much ado about nothing, especially the cry from some in Congress that the Internet company won't allow users to opt out of its new policy.
The extensive news media coverage of a 911 emergency call about actress Demi Moore is calling attention to an important issue: The need to protect privacy.
Much more work needs to be done to build public trust in efforts to protect the privacy and security of electronic health records and the exchange of health information, according to a new report from The Bipartisan Policy Center.
"These changes might not otherwise be troubling but for one significant change to your terms of service: Google will not permit users to opt out," the leaders of a House panel say in a letter to Google CEO Larry Page.
Encryption, staff training and audits of patient records access are three essential healthcare information breach-prevention steps, says attorney Robert Belfort.
IT security provider Symantec says it identified multiple publisher identifications on the Android Market that are being used to push out Android.Counterclank, which it characterizes as a bot-like threat that can receive commands to carry out certain actions, as well as steal information from the device.
How can companies and IT security leaders keep a security breach from becoming a long-term problem and stop it from negatively affecting their customer base?
Google says its new privacy policy that has some privacy advocates up in arms will not have the same impact on paying customers. But an advocacy group contends some Google customers' contracts state they must adhere to the published privacy policy.
The privacy risks involved in using social media in healthcare can be minimized through innovative staff education, says risk management expert Paul Anderson.
With the surge in use of tablets, smart phones and other mobile devices, it's good to see some privacy and security best practice guidance is in the works.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
