Cyber Command Commander Gen. Keith Alexander tells a Senate panel that it's vital that Congress enact legislation giving the nation's critical infrastructure owners liability protection so they can share cyberthreat information with the government.
How are business associates affected by the HIPAA Omnibus Rule? Susan McAndrew of the HHS Office for Civil Rights outlines the relevant provisions and offers compliance advice to covered entities and their partners.
CIOs need to go beyond a short-term focus on securing individual systems and take a broader, long-term view on privacy and security issues, says Harry Greenspun, M.D., of the Deloitte Center for Health Solutions.
A new report claims the Department of Veterans Affairs transmits unencrypted data, including patient records, across unsecured networks. But the VA offers a different assessment.
Healthcare organizations should use a four-step process to determine how best to apply encryption to minimize security risks, says security expert Feisal Nanji.
Internet visionary Vint Cerf sees the development of strong authentication for the billions of devices connected to the Internet as the IT security community's next big challenge.
Homeland Security Secretary Janet Napolitano and NIST Director Patrick Gallagher tell Congress that industry, not the government, will take the lead in establishing IT security best practices for infrastructure operators.
With organizations racing to be the first-to-market with the latest, coolest app, they are forgetting something critically important: applying security principles in the development and deployment.
Picture it: Hackers worming their way into user accounts to rig hospital medication dispensers, operating room heating systems and medical devices to wreak havoc and potentially even to kill patients.
Too many healthcare organizations conduct a HIPAA compliance assessment instead of a comprehensive risk analysis, says security specialist Dave Newell, who also points out other common mistakes.
The HIPAA Omnibus Rule could play an important role in improving the security of medical devices that store patient data, says an official with the agency that enforces HIPAA. Find out what part the rule could play.
Although the HIPAA Omnibus Rule is a step in the right direction for protecting health information, the regulation still leaves large privacy gaps, says patient advocate Deborah Peel, M.D.
Preparing for compliance with the privacy and security provisions of the HIPAA Omnibus Rule and the HITECH Act electronic health record incentive program go hand-in-hand, says federal privacy officer Joy Pritts.
Patient portals can fulfill some regulatory requirements related to providing individuals with electronic access to their medical records. But privacy and security concerns must be addressed, two experts say.
The resumption of the HIPAA compliance audit program is on hold while regulators analyze pilot audit project results and implement the HIPAA Omnibus Rule, says Susan McAndrew of the HHS Office for Civil Rights.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.