Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Incorporating new concepts such as security-control overlays and placing a renewed emphasis on information assurance, the forthcoming guidance is 'a total rewrite' from the 2009 version, NIST's Ron Ross says.
The kind of detailed data analysis that helped statistician Nate Silver predict accurately the outcome of the U.S. presidential election could help enterprises using cloud-based SIEM to identify vulnerabilities, says Cloud Security Alliance's Jens Laundrup.
To know how best to respond to IT and communications failures, organizations first must collect information on such incidents, says Marnix Dekker, who co-authored a just-issued report on incidents for ENISA.
President Obama's re-election paves the way for continuation of the HITECH Act EHR incentive program and provides a perfect opportunity for the administration to toughen the program's privacy and security requirements.
Gov. Nikki Haley realizes the potential political consequences of a breach, which explains why she held three press conferences on three consecutive days to address her administration's response to a computer breach of the state's tax IT system.
Hurricane Sandy slammed the East Coast Oct. 29, causing widespread damage and power outages. As a result, business continuity plans are being put to the test. How are governments, financial institutions and healthcare organizations responding?
How can hospitals and physicians prepare to comply with the HITECH Act electronic health record incentive program's Stage 2 privacy and security requirements? Federal privacy officer Joy Pritts provides insights.