Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in winning support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.
When it comes to responding to today's high-profile information security incidents, technical abilities simply aren't enough, says Gavin Reid of Cisco's Computer Security Incident Response Team. Here are the five must-have skills for today's incident response professionals.
TRICARE, the military health program, has directed its business associate, Science Applications International Corp., to offer one year's worth of free credit monitoring and restoration services to the 4.9 million affected by a recent breach.
IT security practitioners should understand why the bits, bytes and network connections - the technologies - are important to their organization's goals. Ignorance of the mission, for IT security folks, isn't bliss.
Final guidelines for Stage 2 of the HITECH Act's electronic health record incentive program will be released in the summer of 2012, and implementation of an expanded, "permanent" program to certify EHR software for the program will be delayed.
Federal officials plan five annual consumer surveys about attitudes toward the privacy and security of electronic health records and electronic health information exchange that they'll use to support policy decisions.
A new intelligence community report to Congress shows how the proliferation of new technologies, such as portable devices that connect to the Internet, will create new espionage opportunities for malicious actors.
Accountable Care Organizations that will be formed to coordinate treatment of some Medicare patients must take steps to comply with HIPAA - as well as additional privacy requirements - as they share patient data among participating providers, says security expert Rebecca Herold.
The draft publication defines high-priority requirements for standards, official guidance and technology developments that need to be met in order for agencies to accelerate their migration of existing IT systems to the cloud computing model.
Researchers at security vendor Symantec say they've been in contact with a 20-something Chinese man who may be behind a series of attacks against U.S. businesses with the aim to steal intellectual property.
As officials prepare a public relations campaign to educate consumers about the privacy of electronically exchanged healthcare information, they're seeking additional information about the public's attitudes on the use of mobile devices to exchange data.