Enforcing standards for privacy and security is a major part of a new health information exchange accreditation program, says Lee Barrett, executive director of the Electronic Healthcare Network Accreditation Commission.
An Illinois childcare agency has articulated a revised security policy, including the use of encryption, in announcing a breach involving the apparent theft of three back-up unencrypted portable hard drives.
As healthcare organizations digitize more patient information, they need to take five essential risk management steps to ensure that the data is secure and privacy is protected, says Raj Caudhary, a principal at the consulting firm Crowe Horwath.
"We are looking to build a cybersecurity workforce from the ground up, rather than hire those already trained," says Nicole Dean, Deputy Director of the National Cyber Security Division at DHS. "We are looking to hire the best and the brightest."
A draft of a Federal Health IT Strategic Plan provides a roadmap that the next national coordinator for health IT may use in spearheading many efforts, including protecting the privacy of healthcare information.
This kind of problem happens to everybody, says Marcus Ranum, CSO of Tenable Network Security, in response to the widely publicized breach at RSA. And maybe hes right. Perhaps this kind of problem does happen to everyone. But should it?
Phishing represented more than half of the 107,439 cyber incidents compiled by the U.S.-CERT for fiscal year 2010 from federal, state and local governments, commercial enterprises, American citizens and foreign CERT teams.
"In this future, cyber devices have innate capabilities that enable them to work together to anticipate and prevent cyber attacks and recover to a trusted state," says DHS Deputy Undersecretary Philip Reitinger.
Users of RSA's SecurID two-factor authentication products, acting on advice from the company, are devising strategies to monitor for threats and take preventive steps in the aftermath of a hacker attack against the products.