Pennsylvania fined former CISO Robert Maley $10,000 for having vendors pay for his travel, meals and lodging to industry events as well as playoff baseball tickets, violations of a state ethics code, the state Ethics Commission reports.
Sutter Health, an integrated delivery system that was in the process of encrypting all its desktop computers, reports that a device that had not yet been encrypted was recently stolen, affecting more than 4.2 million patients.
The Department of Health and Human Services should provide regularly updated, detailed guidance on all aspects of HIPAA security rule compliance, the Privacy and Security Tiger Team plans to recommend.
Unfortunately, says Ken Vander Wal, most organizations have done little to address security in their policies and procedures regarding BYOD, which is changing the ways companies address user behavior and risk.
NICE's Ernest McDuffie says a proposed cybersecurity workforce framework represents a consensus of government thought on how best to define the jobs, skills and tasks needed to secure information technology.
Servers at Virginia Commonwealth University were recently hacked, potentially exposing Social Security numbers for more than 176,000 faculty, staff, students and affiliates at the university and the VCU Health System.
The Centers for Medicare and Medicaid Services, which is providing billions of dollars in financial incentives for healthcare organizations to adopt electronic health records, needs an information technology upgrade of its own, according to a new report.
Winning senior executive support for information security spending requires "a solid business case of justifications," says Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center.