While breaches resulting from compromised servers, databases or backups are less likely than those resulting from loss or theft of mobile devices, such breaches can have a greater business impact.
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
Given the magnitude of sensitive information on Social Security Administration computers, the inspector general says, any loss of confidentiality, integrity or availability of systems or data could have a significant impact on the nation's economy.
The recent wave of DDoS attacks against top U.S. banks is a wake-up call for organizations that are ill-prepared to fight against such an attack. NIST's Matthew Scholl offers strategies to mitigate the threat.
The HHS Office for Civil Rights has released long-overdue guidance on how to de-identify patient data for use in research in accordance with the HIPAA Privacy Rule. Find out what's in the guidance.
Developing a bring-your-own-device
policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.
Comments are being accepted through Jan. 14, 2013, on potential privacy and security requirements to be included in the meaningful use rule for Stage 3 of the HITECH Act's electronic health record incentive program.
How do we provide mobile applications to our users that fulfill their need for immediate access, but also provide them with assurance that their information is safe? Here are four fundamentals.
Participants in the second annual Healthcare Information Security Today Survey can enter to win a Microsoft Surface tablet computer. The deadline for completing the survey is Dec. 3.
In the aftermath of Superstorm Sandy, federal officials will refine their recommendations for the role health information exchanges can play during a natural disaster.
Prompted by the WikiLeaks breach, President Obama has issued a memorandum directing federal agencies to implement minimum standards to protect vast amounts of classified data on government computers, networks and systems from insiders.
What are the key skills and tools forensics pros use in probing a data breach? What can we learn from recent breaches? Rob Lee of SANS Institute walks us through a typical forensics investigation.
Organizations that have struggled with risk assessments to comply with PCI-DSS requirements now can take advantage of new guidance. Learn about the latest advice on how to address shortcomings.
The goal is admirable: Eliminate all traces of online information about an individual if that's what he or she wants. But is the right to be forgotten an impossible dream?
A long-delayed omnibus package of regulations, including modifications to the HIPAA privacy and security rules, remains tied up in government limbo. When might the new rules be released?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.