Every IT vulnerability survey of the past 10 years has had the same item at the top of the list: internal personnel our so-called trusted workers. Billions of dollars, countless vulnerability assessments, thousands of innovative security solutions later, and we still haven't moved the trusted worker off the top of the...
Completing security risk assessments for a long list of applications and providing information security training to its entire staff are two of the top priorities for 2010 at Johns Hopkins Medicine, one of the nation's largest academic medical centers.
In an interview, Stephanie Reel, vice president for information...
Welcome to HealthcareInfoSecurity.com, a media site with news, insights and education on healthcare privacy, risk management and information security.
Information Security Media Group, which offers similar information security/risk management sites for banking, credit unions and government, brought me on board to...
Hospitals and physician group practices that want to get incentive payments from Medicare and Medicaid for using electronic health records must use software that meets new federal "certification" standards. And those pending standards require the software to offer encryption and an access control mechanism.
Tucked away in last year's federal economic stimulus package were billions of dollars in funding to help offset part of the cost for hospitals and physicians to adopt comprehensive electronic health records.
As the year drew to a close, federal regulators issued a proposed rule to define how hospitals and...
Some healthcare organizations saw a doubling in hacker attacks in the fourth quarter of 2009, according to a small study of customers of SecureWorks Inc., an Atlanta-based information security services company.
I'm sorry, but weren't we just celebrating the holidays?
Unbelievable how fast the New Year has flown by already. It seems like we're all trying to get 12 months worth of work done in one.
With Howard Schmidt's appointment as national cybersecurity coordinator, his role as president of the Information Systems Security Association (ISSA) has been filled by Kevin Richards, a risk management advisor with Crowe Horwath.
In an exclusive interview, Richards discusses:
Top agenda items for ISSA in...
Risk management today - it's less about pure technology, more about business acumen and pure communication skills.
This is the position of Kenneth Newman, VP & Information Security Manager at Central Pacific Bank. In an interview about top risk management trends, Newman discusses:
Scope of the risk management...
One of the nation's best-known healthcare data security experts who's advising federal regulators on policy issues offers advice to organizations preparing to comply with the data breach notification requirements of the HITECH Act.
In an interview, Dixie Baker of SAIC advises hospitals and others to:
Study how...
What's the cost of a data breach?
The Ponemon Institute is out with its 5th annual "Cost of a Data Breach" study, and in an exclusive interview Dr. Larry Ponemon discusses:
The current cost of a data breach - and how it's risen since 2009;
Data breach trends across industry;
What organizations should do to...
Faced with the threat of much stiffer penalties for data security violations and ramped-up enforcement at the federal and state levels, many hospitals are just starting to pay serious attention to security, contends consultant Kate Borten. But they must go far beyond investing in new technologies to develop...
In 10 years as a security compliance officer, Christopher Paidhrin has seen his role broaden as data security has become an even higher priority at Southwest Washington Medical Center in Vancouver, Wash.
Today, Paidhrin is more involved in policy development. He's also pushing to improve awareness of the policies...
Hospitals and other healthcare organizations need to identify data security breaches "in a much more systematic way" to help ensure the privacy of personal information. That's the advice of Lisa Gallagher, senior director for privacy and security at the Healthcare Information and Management Systems...
The single most important step hospitals should take to comply with the HITECH Act is to retrain all employees, physicians and even volunteers on how to maintain the privacy and security of personal health information. That's the advice of Dan Rode, a regulatory expert at the American Health Information Management...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.