For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
The HIPAA Omnibus enforcement date has come and gone. What areas have covered entities overlooked, and what must they address as top priorities? David Finn of Symantec shares insight.
It's time for healthcare organizations to ensure they have done what they already should be doing, says Finn, health information...
The HIPAA Omnibus Rule is creating new risks for venture capitalists and private equity firms that invest in companies that qualify as business associates. How are these investors dealing with the challenge?
Although the enforcement date for the HIPAA Omnibus Rule was Sept. 23, compliance is an ongoing project, and educating smaller business associates is a continuing challenge, says Jeff Cobb, CISO at Capella Healthcare.
An audit protocol from federal regulators is a useful tool for covered entities and business associates that are conducting a risk analysis and beefing up HIPAA compliance efforts, says security expert Bill Miaoulis.
Bill Stewart, a privacy and security expert at medical device manufacturer Philips Healthcare, offers an explanation of when hospitals should apply software patches to devices on their own and when they should work with the supplier.
In recent weeks, Google and Amazon have quietly begun offering standardized business associate agreements to healthcare clients using certain cloud services. Security experts say the move is significant.
New social networking technology being piloted at more than two dozen healthcare organizations, including Cedars-Sinai Health System, is designed for secure collaboration among healthcare professionals.
Learn how the partial government shutdown is hampering a wide variety of important Department of Health and Human Services programs, ranging from patient privacy protection to disease outbreak detection.
Federal advisers heard concerns from healthcare providers, EHR software vendors and others this week about the cost and impracticality of a proposed requirement to offer patients an access report listing caregivers who had viewed their records.