Washington has become the third state to pass legislation incorporating the Payment Card Industry Data Security Standard (PCI) to help financial institutions recover costs from credit/debit card breaches.
Guidance on how organizations should protect the confidentiality of personal identifiable information, SP 800-122: Guide to Protecting the Confidentiality of Personally Identifiable Information, or PII, has been issued by the National Institute of Standards and Technology.
Everyone is talking about cloud computing these days - but are they having the right conversations?
H. Peet Rapp is an information security auditor who sits on ISACA's Cloud Computing Work Group, and he's co-author of the white paper Cloud Computing: Business Benefits With Security, Governance and Assurance...
When it comes to keeping healthcare information private and secure, hospitals that focus primarily on regulatory compliance are making a huge mistake, says Sharon Finney, corporate data security officer for the 37-hospital Adventist Health System.
The topic has been discussed for years, but now truly is the time for organizations to invest in federated identity management.
So says Tom Smedinghoff, partner at Chicago-based law firm Wildman Harrold. In an exclusive interview, Smedinghoff discusses:
What's new about federated ID management;
Getting senior executives involved early and making sure they understand the organization's security vulnerabilities are two vital steps in any risk management initiative, says consultant Mark Ford of Deloitte.
In an interview, Ford offers advice on how to:
Win the support of senior executives as well as boards...
At an online session to solicit comments on a proposed framework for a new Federal Health IT Strategic Plan, planners asked for additional advice on tactics for ramping up enforcement of existing privacy and security regulations.
The federal government has awarded $267 million in grants to establish another 28 Health Information Technology Regional Extension Centers to educate doctors and others on how to implement secure electronic health records.