In 10 years as a security compliance officer, Christopher Paidhrin has seen his role broaden as information security has become an even higher priority at Southwest Washington Medical Center in Vancouver, Wash.
Today, Paidhrin is more involved in policy development. He's also pushing to improve awareness of the...
The recent news that Nexus One smartphone owners were unable to send or receive data is just a precursor to what security experts say is the next big threat to mobile phones and services - mobile malware.
According to Dr. Markus Jakobsson, a noted security expert in the field of phishing and crimeware, mobile...
Khalid Kark, vice president at Forrester Research, recently wrote an in-depth report on healthcare information security in which he described five key principles.
In an interview, Kark discusses each principle, including:
Take a risk-based approach and look beyond regulatory compliance, focusing instead on...
I'm excited about today's launch of the 2010 Banking Information Security Today Survey, and you should be, too.
Think about it: Identity theft, fraud, regulatory compliance, vendor management, security awareness, risk management, privacy. These topics have no industry loyalty; they're common to all public and...
(Part two of a four-part series)
The HITECH Act provides strong new incentives for healthcare organizations to create comprehensive data security plans and train their staffs on how to keep personal health information secure.
Every IT vulnerability survey of the past 10 years has had the same item at the top of the list: internal personnel our so-called trusted workers. Billions of dollars, countless vulnerability assessments, thousands of innovative security solutions later, and we still haven't moved the trusted worker off the top of the...
Completing security risk assessments for a long list of applications and providing information security training to its entire staff are two of the top priorities for 2010 at Johns Hopkins Medicine, one of the nation's largest academic medical centers.
In an interview, Stephanie Reel, vice president for information...
Welcome to HealthcareInfoSecurity.com, a media site with news, insights and education on healthcare privacy, risk management and information security.
Information Security Media Group, which offers similar information security/risk management sites for banking, credit unions and government, brought me on board to...
Hospitals and physician group practices that want to get incentive payments from Medicare and Medicaid for using electronic health records must use software that meets new federal "certification" standards. And those pending standards require the software to offer encryption and an access control mechanism.
Tucked away in last year's federal economic stimulus package were billions of dollars in funding to help offset part of the cost for hospitals and physicians to adopt comprehensive electronic health records.
As the year drew to a close, federal regulators issued a proposed rule to define how hospitals and...
Some healthcare organizations saw a doubling in hacker attacks in the fourth quarter of 2009, according to a small study of customers of SecureWorks Inc., an Atlanta-based information security services company.
I'm sorry, but weren't we just celebrating the holidays?
Unbelievable how fast the New Year has flown by already. It seems like we're all trying to get 12 months worth of work done in one.
With Howard Schmidt's appointment as national cybersecurity coordinator, his role as president of the Information Systems Security Association (ISSA) has been filled by Kevin Richards, a risk management advisor with Crowe Horwath.
In an exclusive interview, Richards discusses:
Top agenda items for ISSA in...
Risk management today - it's less about pure technology, more about business acumen and pure communication skills.
This is the position of Kenneth Newman, VP & Information Security Manager at Central Pacific Bank. In an interview about top risk management trends, Newman discusses:
Scope of the risk management...
One of the nation's best-known healthcare data security experts who's advising federal regulators on policy issues offers advice to organizations preparing to comply with the data breach notification requirements of the HITECH Act.
In an interview, Dixie Baker of SAIC advises hospitals and others to:
Study how...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
