A strategic security analyst from Mandiant, the company that's examining recent hacks from the inside, explains why such cyber-assaults will likely intensify under the leadership of China's new president, Xi Jinping.
Healthcare organizations have plenty of HIPAA Omnibus Rule compliance work to finish by the September deadline. But when it comes to getting outside help, it pays to do your homework.
The new, much more objective guidance for reporting breaches that's included in the HIPAA omnibus rule will result in an increase in notifications, predicts privacy law expert Marcy Wilder.
In the aftermath of a data breach last year that affected 780,000 individuals, Utah legislators are considering a bill that would mandate state agencies identify and implement best practices for protecting data.
Privacy and security leaders, including John Houston at University of Pittsburgh Medical Center, are evaluating the changes needed to comply with the HIPAA omnibus final rule. Find out what's on their to-do lists.
Susan McAndrew of the HHS Office for Civil Rights offers a detailed analysis of the final omnibus rule, which extensively modifies HIPAA and provides new guidance about when to report a breach.
The new omnibus rule makes it clear that business associates must comply with HIPAA. And the latest additions to the federal health data breach tally put a spotlight on why some BAs need to improve patient data protection.
New guidance on when to notify authorities of a breach is one of the most significant provisions in the HIPAA omnibus final rule, experts say. Find out what other provisions are drawing attention.
It will be a few years until many organizations reach a level of maturity with continuous monitoring. Getting there will take organizationwide acceptance, says George Schu of Booz Allen Hamilton.
With Congress facing $1.2 trillion in budget cuts, Federal Chief Information Officer Steven VanRoekel says funding for cybersecurity initiatives will likely be affected. But with smart planning, government information technology should not be placed at risk.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
With HIPAA compliance audits slated to resume within about a year, what steps can healthcare organizations take to begin to prepare? OCR's Leon Rodriguez offers strategies based on initial audit findings and breach investigations.
A draft of new guidance intended to be a blueprint to validate and implement a secure infrastructure as a service cloud computing offering has been issued by the National Institute of Standards and Technology.
Karen Scarfone, who coauthored NIST's encryption guidance, sort of figured out why many organizations don't encrypt sensitive data when they should. The reason: they do not believe they are required to do so.
The Government Accountability Office is preparing a comprehensive analysis of the nation's cybersecurity strategy to determine its effectiveness in securing government IT and critical information infrastructures.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.