(Part two of a four-part series)
The HITECH Act provides strong new incentives for healthcare organizations to create comprehensive data security plans and train their staffs on how to keep personal health information secure.
Four healthcare associations have called on the Federal Trade Commission to exclude healthcare professionals from compliance with the Identity Theft Red Flags Rule designed to combat identity theft. The groups made the request in the wake of a court ruling exempting attorneys from the rule.
The Health Information Trust Alliance has enhanced its HITRUST Common Security Framework for protecting health information to reflect the impact of the HITECH Act.
Demand for qualified information security professionals is beginning to grow in healthcare.
The HITECH Act, which established tougher penalties and broader enforcement of enhanced versions of the HIPAA privacy and security rules, is proving to be a powerful catalyst for ramping up information security. Plus, as...
Every IT vulnerability survey of the past 10 years has had the same item at the top of the list: internal personnel our so-called trusted workers. Billions of dollars, countless vulnerability assessments, thousands of innovative security solutions later, and we still haven't moved the trusted worker off the top of the...
A well-known healthcare information security expert who's advising federal regulators on policy issues offers advice to organizations preparing to comply with the data breach notification requirements of the HITECH Act.
In an interview, Dixie Baker of SAIC advises hospitals and others to:
Study how the HITECH...
The Obama Administration on Feb. 1 released a summary of its fiscal 2011 budget proposal that includes a 28% increase in funding for a unit that plays a major role in ensuring the privacy and security of health information.
When it comes to enterprise security, an organization gets its tone from the top - even when the tone is set accidentally.
How do you set the right tone? That's the topic of the new book from former CISO Jennifer Bayuk: "Enterprise Security for the Executive: Setting the Tone from the Top."
In an interview about...
Completing security risk assessments for a long list of applications and providing information security training to its entire staff are two of the top priorities for 2010 at Johns Hopkins Medicine, one of the nation's largest academic medical centers.
In an interview, Stephanie Reel, vice president for information...
Whether a hospital has a chief information security officer is dependent, in large part, on the size of the facility.
For example, while many academic medical centers have a CISO and a team of security experts, many community hospitals, faced with budget constraints, do not. Instead, the CIO and members of his...
When the Connecticut attorney general recently filed a lawsuit against an insurance company for HIPAA security violations, it was a sign of things to come.
(Part one of a four-part series)
For years, healthcare organizations have faced federal requirements to comply with HIPAA privacy and security rules. But those rules had no teeth because they were rarely enforced.
Last year's passage of the HITECH Act toughened the rules, mandated ramped-up enforcement and...
Information Security Media Group (ISMG) announces the launch of HealthcareInfoSecurity.com, a multimedia site providing news, insights and education on information security, risk management and privacy in the healthcare industry.
The U.S. Commerce Department's National Institute for Standards and Technology is seeking bids due February 5 for a company to help it develop a method to measure the usability of health information technology, including electronic health records.
"The framework includes development, refinement and harmonization of...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
