Healthcare organizations can take several key steps to help avoid the scrutiny of their state's attorney general and defend against possible class action lawsuits in the aftermath of data breaches, says privacy attorney David Navetta.
Editor's Note: Excerpts of this interview appear in ISMG's Security Agenda magazine, distributed at RSA Conference 2014.
Privacy should be built into the design of all healthcare information technology and related processes, says Michelle Dennedy, who's writing a book on the concept of "privacy by design."...
The ongoing epidemic of health data breaches involving unencrypted laptops demonstrates why many healthcare organizations need to conduct more meaningful risk assessments, says security expert Dan Berger.
Patients entrust their lives to healthcare organizations. Shouldn't their personal data also be safe? Symantec's Axel Wirth on what healthcare security leaders must do differently to protect patient data.
Expanded with more educational tracks and sessions on emerging hot topics, the 2014 edition of the RSA Conference will be the largest ever, says Hugh Thompson, program committee chair.
Now that he's taken on the job of CISO of a software vendor, Jennings Aske, the former info security and privacy officer at Partners HealthCare, talks about dealing with compliance issues from the new vantage point of a business associate.
Before they sign a contract with a cloud vendor, healthcare organizations should ask a series of probing questions about data security to help ensure HIPAA compliance, says consultant Brian Evans.
From access controls to intrusion detection, mobility to privacy, healthcare organizations face unique network security challenges. Isabelle Dumont of Palo Alto Networks offers a new, unique approach.
To avoid the risk of staff using social media to communicate about patients, healthcare organizations need to offer more secure alternatives, says security and privacy expert Andrew Hicks.
As patient portals become more common in 2014, healthcare providers will struggle to find a balance between implementing strong authentication practices and providing individuals with easy access to records, says privacy attorney Adam Greene.
Healthcare entities are increasingly turning to the cloud, and regulators are increasingly focused on cloud service providers' security. Time to ensure those business associate agreements are in order, says Symantec's Rick Bryant.
As the HHS Office for Civil Rights continues its efforts to ramp up HIPAA enforcement, organizations can take several specific steps to prepare, advises David Holtzman, a former OCR official.
Healthcare providers and their business associates need to take steps to protect patient data as they would defend any other significant business asset, says David Holtzman, a former senior official at the agency that enforces HIPAA.
The number of reported breaches is up considerably this year, but so is the overall quality of organizations' breach preparedness, says Michael Bruemmer of Experian Data Breach Resolution.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.