Devising strategies for ensuring social media are not used in ways that violate patient privacy is one of the top trends for 2011, says Lisa Gallagher, senior director of privacy and security at the Healthcare Information and Management Systems Society.
Cyber criminals typically will move on to a target that is much less secure but those behind advanced persistent threats will spend months if not years trying to penetrate an IT system until they succeed, says Dmitri Alperovitch, McAfee Labs threat research vice president.
When the HITECH Act was enacted early in 2009, much was made of its provisions calling for tougher enforcement of the HIPAA privacy and security rules. But we're still waiting for ramped-up enforcement to begin.
Researchers explore adapting geolocation technology to identify where data reside on the cloud so organizations can comply with IT security laws and regulations, RSA Chief Technology Officer Bret Hartman says.
The National Institute of Standards and Technology issues two special publications: SP 800-119, Guidelines for the Secure Deployment of IPv6 and SP 800-135, Recommendation for Application-Specific Key Derivation Functions.
The most important healthcare information security trend for the year ahead is the rush to implement electronic health records while taking advantage of all their security features, says Dixie Baker, a well-known security expert who's advising federal regulators on policy issues.
"Managing risk with regard to information systems and security sometimes doesn't go to the highest levels and that's why the risk framework is a way to get senior leaders involved early in the process," NIST senior computer scientist Ron Ross says.