As efforts to fix technical glitches on the HealthCare.gov website for Obamacare continue, taking steps to ensure security should be a top priority. Otherwise, efforts to build trust in the system will fail.
NIST is revising its 3-year-old smart-grid guidance to address technological and policy changes that have made the power grid more susceptible to vulnerabilities and threatened utility customers' privacy.
The White House says the conversation between the president and business leaders focused on how to encourage adoption of the cybersecurity framework. Participants also discussed the need for framework adoption by suppliers.
Purdue University's Eugene Spafford discusses the ethical issues that have been brought to the forefront by former NSA contractor Edward Snowden's leaks of classified details on a number of top-secret government surveillance programs.
Organizations collect a wealth of information as part of their governance, risk and compliance programs, and security professionals are missing out on important insights if they don't take advantage of it.
An audit protocol from federal regulators is a useful tool for covered entities and business associates that are conducting a risk analysis and beefing up HIPAA compliance efforts, says security expert Bill Miaoulis.
To mark his induction into the National Cyber Security Hall of Fame, Purdue University Computer Science Professor Eugene Spafford offers insights on key challenges, including overcoming senior executives' misperceptions about key issues.
Despite the government shutdown, Stage 2 of the HITECH Act financial incentive program for the meaningful use of electronic health records kicks off Oct. 1. Learn more about the privacy and security provisions and how to prepare.
It's been four years since federal officials began tracking major healthcare data breaches. What important lessons can be learned from the causes of these breaches as well as HIPAA enforcement actions by federal regulators?
Attorney Ellen Giblin describes who should be involved in determining whether a breach should be reported in compliance with the new breach notification requirements of the HIPAA Omnibus Rule. She also offers other compliance insights.
NIST is hosting a workshop this week to continue shaping the cybersecurity framework President Obama wants implemented by February. Learn about the latest developments in the effort to identify IT security best practices.
As the Sept. 23 enforcement deadline for HIPAA Omnibus approaches, an error that many business associates are making is thinking that compliance can be achieved with a simple checklist, says consultant Andrew Hicks.