Federal regulators are one small step closer to starting audits of healthcare organizations and their business associates for compliance with the HIPAA privacy and security rules as required under the HITECH Act.
The Office for Civil Rights at the U.S. Department of Health and Human Services has awarded two key...
Organized crime has targeted healthcare organizations for insurance fraud scams. What are the risks? What are the solutions?
Dr. Andrea Allmon, senior director with FICO, discusses:
Insurance fraud trends;
How organizations are most vulnerable;
What to do now to reduce fraud today.
The final version of regulations to carry out the HITECH Act must include far more details on privacy and security to ensure widespread adoption of electronic health records, says William R. Braithwaite, M.D., Ph.D.
Getting senior executives involved early and making sure they understand the organization's security vulnerabilities are two vital steps in any risk management initiative, says Mark Ford of Deloitte.
In an interview, Ford offers advice on how to:
Win the support of senior executives as well as boards of directors...
Interview with H. Peet Rapp of ISACA's Cloud Work Group
Everyone is talking about cloud computing these days - but are they having the right conversations?
H. Peet Rapp is an information security auditor who sits on ISACA's Cloud Computing Work Group, and he's co-author of the white paper Cloud Computing:...
Connecticut Attorney General Richard Blumenthal has launched an investigation into an apparent breach by a radiologist who was taking information from one hospital where he formerly worked and using it to drum up business at another hospital.
"While the question of how best to balance privacy and security in the 21st century has no simple answer, what is clear is that our federal electronic privacy laws are woefully outdated," Sen. Patrick Leahy says.
Interview with Adrian Davis of the Information Security Forum
In terms of payments, privacy and third-party relationships, U.S. security leaders have much to learn from - and share with - their peers in the U.K. and elsewhere in the world.
This is the perspective of Adrian Davis, a senior research consultant...
Interview with Tom Smedinghoff of Wildman Harrold
The topic has been discussed for years, but now truly is the time for organizations to invest in federated identity management.
So says Tom Smedinghoff, partner at Chicago-based law firm Wildman Harrold. In an exclusive interview, Smedinghoff discusses:
Because even the janitor can be an identity theft threat, keeping records under lock and key can be a powerful protection strategy. Just ask Northwestern Memorial Hospital in Chicago. This week, authorities made arrests in a case that involved a janitor "cleaning near patient files" who stole personal information and...
The legislation introduced in both houses would require the president to provide a global assessment of identify threats from abroad and work with other countries to crack down on their own cyber criminals.
With Howard Schmidt's appointment as national cybersecurity coordinator, his role as president of the Information Systems Security Association (ISSA) has been filled by Kevin Richards, a risk management advisor with Crowe Horwath.