Are too many healthcare organizations and their business associates skimping on physical security measures for safeguarding patient records? Federal regulators seem to think so.
If you're paying attention, you've probably already seen a handful of GDPR-related headlines just today, let alone in the last week or month. But there are two good reasons for the deluge of GDPR discussion right now: It's incredibly important and the time to act is now.
Adequately tracking the nonstop arrival and departure of officials in the Trump White House might require real-time, multidimensional flowcharts. But one thing is clear: The White House is facing a looming cybersecurity knowledge and expertise deficit, and that deficit may soon get worse.
A coherent risk analysis program tailored to the organization is a vital component of any effort to improve cybersecurity and meet regulatory requirements, says attorney Shawn Tuma.
Federal regulators are proposing an overhaul to the "meaningful use" electronic health record incentive program. But current program requirements for conducting a security risk analysis would stick.
The New Jersey state attorney general has smacked a medical practice with a $418,000 penalty for a 2016 HIPAA breach involving a vendor's misconfigured server. The case is the latest example of the risks posed by vendors.
Should federal regulators provide physicians with a free pass from having to conduct a HIPAA risk analysis or face a random HIPAA compliance audit if they implement a cybersecurity framework? That's what the AMA is proposing. Security experts weigh in with reactions.
Organizations need to carefully assess - and then verify - the data security controls their existing - and prospective - vendors have implemented, says privacy and security expert Rebecca Herold, who offers a range of vendor management tips in an in-depth interview.
An effective endpoint security strategy can be as layered as you want it to be. But you'll have a strong foundation if you build off of these four key steps.
Healthcare organizations must take several important steps to improve their risk management programs, but the most critical move is incorporating security into their system development lifecycles, says security expert Bob Chaput, a featured speaker at the HIMSS18 conference.
What are the top security lessons that covered entities and business associates should learn from the latest HIPAA settlements? Illiana Peters, a former top HIPAA enforcer, shares her insights.
A government watchdog agency alleges that insurer Health Net of California has refused to cooperate in a security audit called for under a federal contract. Similar disputes often arise when healthcare organizations attempt to scrutinize the security practices of their vendors, some security experts point out.
Federal regulators are warning healthcare entities and business associates to take action to prevent becoming the next victim of cyber extortion, such as a ransomware attack. What are the recommended steps? And what other insights do experts offer?
Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region, says Tata Communication' Avinash Prasad in this exclusive interview.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.