Just four months after agreeing to pay an $865,000 penalty for a series of HIPAA violations, UCLA Health System has revealed a breach incident involving the theft of an external hard drive from a former employee's home.
A health and financial information breach that may have affected as many as 10,000 patients at a Kansas hospital illustrates yet again that the actions of a business associate's subcontractor can have a major potential impact on patient privacy.
One reason why so many healthcare organizations are not well-prepared to counter security threats is that "key leadership has not bought into the whole process," says Bob Krenek of ExperianÂ® Data Breach Resolution.
Penetration tests that demonstrate how an unauthorized user could gain access to patient information can be effective in winning support for a bigger information security budget, says David Kennedy of Diebold, Incorporated.
When it comes to responding to today's high-profile information security incidents, technical abilities simply aren't enough, says Gavin Reid of Cisco's Computer Security Incident Response Team. Here are the five must-have skills for today's incident response professionals.
TRICARE, the military health program, has directed its business associate, Science Applications International Corp., to offer one year's worth of free credit monitoring and restoration services to the 4.9 million affected by a recent breach.
IT security practitioners should understand why the bits, bytes and network connections - the technologies - are important to their organization's goals. Ignorance of the mission, for IT security folks, isn't bliss.
Final guidelines for Stage 2 of the HITECH Act's electronic health record incentive program will be released in the summer of 2012, and implementation of an expanded, "permanent" program to certify EHR software for the program will be delayed.
Federal officials plan five annual consumer surveys about attitudes toward the privacy and security of electronic health records and electronic health information exchange that they'll use to support policy decisions.
A new intelligence community report to Congress shows how the proliferation of new technologies, such as portable devices that connect to the Internet, will create new espionage opportunities for malicious actors.
Accountable Care Organizations that will be formed to coordinate treatment of some Medicare patients must take steps to comply with HIPAA - as well as additional privacy requirements - as they share patient data among participating providers, says security expert Rebecca Herold.
The draft publication defines high-priority requirements for standards, official guidance and technology developments that need to be met in order for agencies to accelerate their migration of existing IT systems to the cloud computing model.