Absent a uniform method, the NIST interagency report investigates credential revocation, focusing on identifying missing requirements, and suggests a model for credential reliability and revocation services that addresses those missing requirements.
A new report says the Department of Health and Human Services must improve oversight of the HITECH Act's EHR incentive program, so that providers show better proof of compliance, including risk assessments.
Given the magnitude of sensitive information on Social Security Administration computers, the inspector general says, any loss of confidentiality, integrity or availability of systems or data could have a significant impact on the nation's economy.
The recent wave of DDoS attacks against top U.S. banks is a wake-up call for organizations that are ill-prepared to fight against such an attack. NIST's Matthew Scholl offers strategies to mitigate the threat.
Comments are being accepted through Jan. 14, 2013, on potential privacy and security requirements to be included in the meaningful use rule for Stage 3 of the HITECH Act's electronic health record incentive program.
Prompted by the WikiLeaks breach, President Obama has issued a memorandum directing federal agencies to implement minimum standards to protect vast amounts of classified data on government computers, networks and systems from insiders.