"Managing risk with regard to information systems and security sometimes doesn't go to the highest levels and that's why the risk framework is a way to get senior leaders involved early in the process," NIST senior computer scientist Ron Ross says.
The innocent use for three years of a Yahoo calendar application exposed personally identifiable information of 878 patients at the Department of Veterans Affairs' Chicago Healthcare Systems, a violation of VA policy.
With more than 220 major health information breaches reported to federal authorities so far under the HITECH Act requirements, healthcare organizations are looking for effective strategies to prevent breaches and avoid headlines. One critical element to any breach prevention strategy is beefing up network...
Devising strategies for ensuring social media are not used in ways that violate patient privacy is one of the top trends for 2011, says Lisa Gallagher, senior director of privacy and security at the Healthcare Information and Management Systems Society.