A new guide from WEDI offers some basic tips for organizations assessing incidents under the HIPAA Omnibus breach notification rule. But it's important to address additional factors for effective beach assessment and response, two experts say.
Many endpoints in the healthcare sector, including medical devices, are being hacked because of inadequate security, according to a new study from the SANS Institute that identified apparent vulnerabilities at 375 organizations.
The HIMSS 2014 Conference, to be held Feb. 23 to 27 in Orlando, will feature an impressive lineup of privacy and security educational content, plus updates from federal regulators. Check out the highlights.
Healthcare organizations can take several key steps to help avoid the scrutiny of their state's attorney general and defend against possible class action lawsuits in the aftermath of data breaches, says privacy attorney David Navetta.
Now that the cybersecurity framework has been released, security experts are pondering whether the voluntary approach to following the guidance might eventually need to be replaced by some sort of mandate.
The RSA Conference 2014 will be held Feb. 24-28 in San Francisco, and Information Security Media Group will be the only Diamond Media Sponsor. Learn what's on the agenda at this world-class security event.
Editor's Note: Excerpts of this interview appear in ISMG's Security Agenda magazine, distributed at RSA Conference 2014.
Privacy should be built into the design of all healthcare information technology and related processes, says Michelle Dennedy, who's writing a book on the concept of "privacy by design."
Today's threat landscape is rapidly expanding to include cyber-attacks attributed to nation states. How must organizations respond? Mike McConnell, former U.S. National Intelligence Director, shares insight.
Healthcare providers are turning to patient portals to provide remote access to electronic health records. But they face challenges when giving parents access to the records of minors of a certain age, says attorney Adam Greene.
Patients entrust their lives to healthcare organizations. Shouldn't their personal data also be safe? Symantec's Axel Wirth on what healthcare security leaders must do differently to protect patient data.
The ongoing epidemic of health data breaches involving unencrypted laptops demonstrates why many healthcare organizations need to conduct more meaningful risk assessments, says security expert Dan Berger.