The Obama administration posts a declassified summary of the government's Comprehensive National Cybersecurity Initiative, a highly secret Bush-era program aimed at securing the nation's critical IT security assets.
From RSA 2010: Interview with Bob Russo, GM of the PCI Security Standards Council
How will the Payment Card Industry Data Security Standard (PCI DSS) be amended, and when?
These are the key questions in payments security, and Bob Russo, GM of the PCI Security Standards Council, is prepared to start answering...
The Annual HIMSS Leadership Survey is far from scientific. But the results are nevertheless eye-opening. This year's results show that 23% of responding organizations have had some sort of a security breach in the past year. And that's a big number.
Accounting for who has viewed a patient's electronic health record "is the single most difficult security requirement to figure out" in the HITECH Act. That's the conclusion of Lisa Gallagher, senior director for privacy and security at the Healthcare Information and Management Systems Society.
Hospitals should use a team approach to creating breach detection and breach notification strategies. That's the advice of Gerry Hinkley, senior partner at the law firm Pillsbury, Winthrop, Shaw and Pittman.
Hospitals preparing for a potential government audit of their HIPAA security rule compliance should "build a continual state of readiness," says David Wiseman, information security manager at Saint Luke's Health System, Kansas City, Mo.
To be fully prepared, Wiseman says hospitals should:
Conduct a HIPAA...
Sitting in an all-day security workshop at the HIMSS Conference in Atlanta Feb. 28 provided me with a good education about what's on the minds of security leaders. For example, one member of the audience said it was a "huge challenge" to ensure that when an employee is fired, their password is promptly deactivated so...