Attorney Ellen Giblin describes who should be involved in determining whether a breach should be reported in compliance with the new breach notification requirements of the HIPAA Omnibus Rule. She also offers other compliance insights.
NIST is hosting a workshop this week to continue shaping the cybersecurity framework President Obama wants implemented by February. Learn about the latest developments in the effort to identify IT security best practices.
As the Sept. 23 enforcement deadline for HIPAA Omnibus approaches, an error that many business associates are making is thinking that compliance can be achieved with a simple checklist, says consultant Andrew Hicks.
As healthcare organizations ramp up HIPAA compliance efforts, they should make far greater use of guidance from the National Institute of Standards and Technology, says security consultant Mac McMillan.
Iris scanning is becoming old hat for authenticating individuals entering secured facilities or crossing international borders, but it remains several years away for use in providing access to IT systems.
If your organization's leadership has been lukewarm to funding information security efforts, it's time to turn up the heat before you end up in hot water with federal regulators enforcing the HIPAA Omnibus Rule.
Operators of media sites should consider adoption of the cybersecurity framework in the aftermath of the recent domain name systems attacks aimed at The New York Times and Twitter.
NIST has issued a discussion draft on the cybersecurity framework ordered by President Obama. The voluntary framework is designed to help reduce risks to the nation's critical infrastructure.
In the wake of domain name systems attacks aimed at The New York Times, Twitter and other media sites, experts say security professionals in all fields should take specific mitigation steps.
The National Institute of Standards and Technology has issued new guidance for designing cryptographic key management systems that describes topics designers should consider when developing specifications.
Creating circles of trust - networks of IT security professionals who rely on one another - is a key element in forthcoming National Institute of Standards and Technology guidance on incident response.
NIST is developing risk management guidance on the IT supply chain that says organizations should take an incremental approach and ensure that they first reach a base maturity level in organizational practices.
Keeping risk assessment documentation and other compliance evidence in a centralized repository is a good way to prepare for any HIPAA audit or investigation, says Mark Dill, Cleveland Clinic's security leader.
Hope springs eternal at the White House, at least when it comes to Congress passing meaningful cybersecurity legislation. Read about our exclusive conversation with a senior administration official.
Although OCR has changed its standard for determining breaches under HIPAA Omnibus to a more objective assessment, it's still unclear whether the previous harm standard is truly a thing of the past.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
