Distributed healthcare networks have grown in complexity over the last decade as they expand network access and add more sophisticated security technologies to protect their networks. In addition, the adoption of standards such as the Payment Card Industry Data Security Standard (PCI DSS) and HIPAA have also improved...
A Florida law that takes effect July 1 toughens the state's data breach notification statute by, in part, broadening the term "personal information" to include individuals' usernames and e-mail addresses under certain circumstances.
In this resource, Dr. Alan Snell, former CMIO, and Jeffrey Short, a healthcare attorney, share insights on medical device risks that are easily missed, and easily catastrophic, with repercussions ranging from HIPAA violations to patient harm.
More importantly, they offer guidance on what healthcare leaders can...
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
A congressional committee grilled representatives from four technology vendors providing services for the Obamacare website, questioning, for example, whether the site is putting consumer privacy at risk.
The HIPAA Omnibus Rule stresses the need for business associates to adequately safeguard patient information. What are the implications? Here's what a federal privacy officer and a consumer advocate have to say.
Security threats to healthcare organizations are on the rise - and so are regulatory requirements. Kim Singletary of McAfee discusses the top breach prevention and response challenges for healthcare organizations in 2013.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
A risk analysis, as required under the HIPAA Security Rule, is a critical and foundational component of an effective risk management process that helps covered entities, and their business associates, to perform their mission and protect the health information entrusted to them.
The National Institute of Standards...