"Managing risk with regard to information systems and security sometimes doesn't go to the highest levels and that's why the risk framework is a way to get senior leaders involved early in the process," NIST senior computer scientist Ron Ross says.
Many physician group practices adopting their first electronic health records systems will have a lot of work to do when it comes to information security, a new survey confirms.
The innocent use for three years of a Yahoo calendar application exposed personally identifiable information of 878 patients at the Department of Veterans Affairs' Chicago Healthcare Systems, a violation of VA policy.
Thwarting the insider threat entails more than knowing an individual with access to a computer, but to recognize the synergy between the individual, organization, technology and environment, I3P Research Director Shari Lawrence Pfleeger says.
At urban and rural hospitals alike, breach prevention and HIPAA and HITECH Act compliance are the major drivers for information security investments in 2011.
With more than 220 major health information breaches reported to federal authorities so far under the HITECH Act requirements, healthcare organizations are looking for effective strategies to prevent breaches and avoid headlines. One critical element to any breach prevention strategy is beefing up network...
"If you at all have any inclination of allowing Internet access in your company networks, you need a social media policy," says Hemu Nigam, former CSO at MySpace.
President Obama on Saturday signed legislation that exempts certain businesses, including physician practices and apparently most hospitals, from the Identity Theft Red Flags Rule.
"Literally, in my entire time working in the privacy field, I've never seen such profound and aggressive activity by the government in the privacy space," privacy expert Thomas Oscherwitz says.
Ron Kloewer, CIO at 25-bed Montgomery County Memorial Hospital, explains why the critical access facility's spending on information security will grow in 2011.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
