When it comes to the impending Sept. 23 HIPAA Omnibus enforcement deadline, many smaller organizations are making serious progress - or seriously procrastinating, says compliance expert Margie Satinsky.
The panel would review the latest intelligence and communications technologies to determine the risk of unauthorized disclosure to national security and foreign policy, as well as assess the need to maintain the public trust.
The Obama administration is floating the idea that critical infrastructure owners would more likely adopt voluntary security best practices if the government engages the insurance industry to help develop its cybersecurity framework.
Federal advisers want to stress the value of risk assessments even more strongly in Stage 3 of the HITECH Act electronic health record incentive program. Meanwhile, regulators are studying how to address health information exchange security issues.
Having a CISO within an organization can help in holding down data breach costs, says the Ponemon Institute's Larry Ponemon, who, along with Symantec's Robert Hamilton, analyzes new survey results.
The National Institute of Standards and Technology has published new guidance on malware incident prevention and handling for desktops and laptops as well as enterprise patch management technologies.
IT security pros see metrics as a useful tool to validate operational performance. But many organizations' top leaders evaluate security on cost. It's time to bridge that gap.
As social media use grows, so do the risks of organizations getting caught up in costly legal disputes over ownership and assets. Alan Brill of Kroll advises on how to mitigate such risks.
The apparatchiks at the Kremlin think they're clever sorts with plans to replace computers with typewriters to prevent the American e-spies at the National Security Agency from hacking into Russian intelligence systems.
Getting critical infrastructure operators involved is the biggest challenge the federal government faces in creating a cybersecurity framework, says NIST's Adam Sedgewick, who leads efforts to create the framework ordered by President Obama.
To prepare for HIPAA compliance audits once they resume, healthcare organizations need to conduct a thorough risk assessment, says Verne Rinker of the HHS Office for Civil Rights.
Aimed to be voluntarily adopted by the nation's critical infrastructure operators, the cybersecurity framework will revolve around a core structure that includes five major cybersecurity functions: Know, Prevent, Detect, Respond and Recover.
Significant security flaws involving access, configuration-management and continuous-monitoring controls have been identified in a new Inspector General audit of Veterans Affairs' IT systems.
A side benefit of consolidating the military's 15,000 networks is the need for fewer systems administrators. Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, says that should help diminish the insider threat.
Here are some questions we'd like to ask the former systems administrator at the National Security Agency to learn more about the motivation behind his leak of the U.S. government's top-secret information collection programs.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
