How can we secure access to mission-critical workloads on cloud-based infrastructure without increasing risk, operational friction, or introducing compliance violations?
As security professionals, we're trying to solve today's complex problems, but are hampered by yesterday's tools. Fortunately, there are...
HHS has issued new health data privacy guidance and announced a contest to create an online "model privacy notice generator." Plus, it's issued a reminder about the importance of reviewing and securing audit logs to help prevent and detect breaches.
The threat landscape certainly has changed in recent years. But can you say the same about the traditional intrusion prevention system."The biggest problem with IPSs today is that organizations are trying to fight today's threats with yesterday's solutions," says Bertone, who serves as CTO of Fidelis Cybersecurity....
"How secure are we?" That's one of the most common questions asked by boards and senior managers. But security and technology leaders do not always have ready answers, says Jacob Olcott of BitSight Technologies. Are they even using the right security metrics?
In an interview about cybersecurity metrics, Olcott...
Federal regulators issued a report about weaknesses found in an audit of Premera Blue Cross' systems about a month before an attack by hackers against the health insurer apparently started. Could those weaknesses have opened the door to an attack?
Some experts are concerned that the Department of Health and Human Services' Office for Civil Rights isn't taking bold enough action in stepping up its efforts to enforce HIPAA. Learn more about their areas of concern.
A government watchdog has begun auditing payments by state Medicaid agencies to hospitals participating in the HITECH Act electronic health record incentive program. Find out about plans for other HITECH audits, including scrutiny of security.
As federal regulators reveal details for the next phase of HIPAA compliance audits, security and privacy experts give the plan mixed reviews. Find out what experts like and don't like about the proposals.
The HHS Office for Civil Rights will resume its HIPAA compliance audit program this fall with a limited number of narrowly focused "desk audits," plus comprehensive on-site audits "as resources allow."
Federal advisers heard concerns from healthcare providers, EHR software vendors and others this week about the cost and impracticality of a proposed requirement to offer patients an access report listing caregivers who had viewed their records.
Federal regulators plan to launch a permanent HIPAA compliance audit program in 2014 that targets a larger number of organizations but covers a narrower scope of issues. Learn the details the nation's top HIPAA enforcer revealed.