"This is not a record of success; whatever we are doing is not working," says James Lewis of the Center for Strategic and International Studies. "As a nation, despite all the talk, we are still not serious about cybersecurity."
Roundup of news and insights from the National HIPAA Summit, including the announcement that state attorneys general soon will receive training on how to file federal civil lawsuits for HIPAA violations.
"Today's risk management professionals really need to take a strategic view of managing risk to be relevant in achieving the organization's expected outcome," says Philip Alexander of Wells Fargo Bank.
Describing it as the capstone publication of a partnership with the defense and intelligence communities, NIST publishes new guidance on managing security risk associated with the operation and use of IT systems.
In case you weren't one of the more than 31,000 who attended this year's Healthcare Information and Management Systems Society Conference in Orlando, here's a rundown of some of the privacy and security news from the show.
A team headed by Senior Computer Scientist Ron Ross will update one of NIST's premier risk management publications - SP 800-53: Recommended Security Controls for Federal Information Systems and Organizations.
The ruckus over a new cybersecurity bill's ban of a so-called Internet kill switch camouflages the real significance of the Cybersecurity and Internet Freedom Act. The bill, if enacted, would rejigger the way to govern federal IT security.
Physicians adopting electronic health records systems need to demonstrate to their patients that they're taking adequate steps to keep records secure because so many consumers are worried about health information privacy.
Once a CEO understands the value and risks catered through mobile functionality, it is easier to discuss mobile innovations, policy and how the company can then strike a balance to meet customer and employee requirements.