What can organizations do to improve security after a network attack? Post-breach investigations help security leaders trace steps and strengthen weak points, says investigator Erin Nealy Cox.
Health data breaches involving the loss or theft of unencrypted computing devices are a persistent problem, according to the most recent federal statistics. A security expert offers insights and advice.
The HIPAA Omnibus Rule provides new, more objective guidelines for how to assess whether breach notification is required. Regulatory experts provide six tips for how to prepare to comply.
The main takeaway from a House hearing this past week was that the biggest information security problem most small business operators face is that they're unaware they have an IT security problem.
A bill to reform the Federal Information Security Management Act, which is heading to the House of Representatives, delineates the responsibilities for each agency's chief information security officer. Read what they are.
With the HIPAA Omnibus Rule taking effect on March 26, the clock is running for covered entities and business associates to meet the Sept. 23 compliance date. Experts offer four tips for staying on track.
Attorney Marcy Wilder explains why the HIPAA Omnibus Rule means many healthcare organizations will need to change their approach to determining if an incident is a breach that must be reported.
Conventional wisdom suggests China isn't interested in disabling industrial control systems in the U.S. After all, such an act would be against its own economic interest. But is that type of thinking right?
The bill's chief sponsor says agencies struggle with cyberthreats. "This update to FISMA will incorporate the last decade of technological innovation, while also addressing FISMA shortcomings realized over the past years." Rep. Darrell Issa says.
A class action lawsuit alleges that IRS agents unlawfully seized medical records for 10 million individuals, including state judges, during a raid of a California company.
Healthcare organizations signing new deals with vendors, including many cloud services providers, must make sure that their business associate agreements reflect the new HIPAA Omnibus Rule's requirements.
A new online toolkit is designed to help small, rural healthcare providers get started with health information exchange. But how valuable is the privacy and security advice?
Most people will remember March 13, 2013, as the day Cardinal Jorge Bergoglio ascended to the papacy as Pope Francis. But for those who consider cybersecurity vital for society's well-being, it's an historic date as well.
The Privacy and Security Tiger Team, which advises federal regulators, is tackling the issues involved in the exchange of patient information among healthcare providers using the query and response method.
The Department of Health and Human Services conducts three types of audits or investigations involving privacy and security issues. But preparing for any of these inquiries requires similar steps, experts say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.