As federal regulators reveal details for the next phase of HIPAA compliance audits, security and privacy experts give the plan mixed reviews. Find out what experts like and don't like about the proposals.
While the 2014 Healthcare Information Security Today survey indicates more healthcare entities are performing HIPAA security risk assessments, smaller providers and business associates are still struggling with this task, says security expert Kate Borten.
Many covered entities are still tackling the challenge of making sure their business associates are HIPAA compliant, says security specialist Andrew Hicks, who analyzes the results of the 2014 Healthcare Information Security Today survey .
Thorough documentation will be more important in the next round of HIPAA compliance audits slated to begin this fall because most will not involve onsite examinations, says privacy attorney Adam Greene.
The HHS Office for Civil Rights will resume its HIPAA compliance audit program this fall with a limited number of narrowly focused "desk audits," plus comprehensive on-site audits "as resources allow."
Advanced threats are like the weather. Everyone talks about them, but few have a solid defense plan - or even a solid understanding of the threat landscape. Mike Nichols of General Dynamics Fidelis Cybersecurity Solutions offers insight.
Leading this week's industry news roundup, IBM receives a new mobile technology patent, while Tripwire releases a new vulnerability management solution, and Fiserv announces two new anti-fraud solutions.
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
Even so-called minor breaches can cost organizations nearly $200,000, according to one finding from NTT Group's annual Intelligence Report. Rob Kraus of Solutionary shares the study's insights and advice.
More than 30.6 million individuals have been affected by major healthcare data breaches since 2009, the latest federal tally shows. Some security experts predict breach trends will shift, with business associates being implicated more often.
Distributed-denial-of-service attacks are a concern for all organizations. But financial institutions face unique challenges, and so they require a unique level of protection, says Mark Byers of Fortinet.
Mobility has driven the rise of containerization as a security strategy for employee-owned devices. But what about for contractors? Kimber Spradlin of Moka 5 discusses how to mitigate third-party risks.