Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
Although many organizations are using encryption to protect data on mobile devices, they're often overlooking other important ways to prevent health information breaches, says Terrell Herzig, information security officer at UAB Medicine.
While Japan's nuclear emergency puts local citizens at risk, there is much that organizations globally can learn from the crisis. "I hope that all of us look at this and ask 'What can I do to be better prepared?'" says Regina Phelps, disaster recovery expert.
Too many healthcare organizations have overlooked their obligation to comply with the Payment Card Industry Data Security Standard, says security expert Tom Walsh.
A comprehensive bill to dramatically change the way the federal government addresses cybersecurity could pass the Senate as early as this summer, Sen. Thomas Carper, who chairs a Senate panel with IT security oversight, says in an interview with GovInfoSecurity.com.
Enforcing standards for privacy and security is a major part of a new health information exchange accreditation program, says Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.
An Illinois childcare agency has articulated a revised security policy, including the use of encryption, in announcing a breach involving the apparent theft of three back-up unencrypted portable hard drives.
As healthcare organizations digitize more patient information, they need to take five essential risk management steps to ensure that the data is secure and privacy is protected, says Raj Caudhary, a principal at the consulting firm Crowe Horwath.
"We are looking to build a cybersecurity workforce from the ground up, rather than hire those already trained," says Nicole Dean, Deputy Director of the National Cyber Security Division at DHS. "We are looking to hire the best and the brightest."
A draft of a Federal Health IT Strategic Plan provides a roadmap that the next national coordinator for health IT may use in spearheading many efforts, including protecting the privacy of healthcare information.
There are some encouraging signs that stage two criteria for the HITECH Act's electronic health record incentive program will include substantial privacy and security requirements.
This kind of problem happens to everybody, says Marcus Ranum, CSO of Tenable Network Security, in response to the widely publicized breach at RSA. And maybe hes right. Perhaps this kind of problem does happen to everyone. But should it?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
