The medical device industry faces four significant privacy and security challenges that pose potential threats to patients as well as manufacturers, says Michael McNeil, global security and privacy leader at Medtronic.
The settlement of a class action lawsuit against AvMed, a health plan company, stemming from a 2009 data breach, is significant because it awards payments to those who were not victims of identity theft.
For years, researchers have studied malicious insider threats. But how can organizations protect themselves from insiders who make a mistake or are taken advantage of in a way that puts the organization at risk?
The HIPAA Omnibus enforcement date has come and gone. What areas have covered entities overlooked, and what must they address as top priorities? David Finn of Symantec shares insight.
It's time for healthcare organizations to ensure they have done what they already should be doing, says Finn, health information...
The HIPAA Omnibus Rule is creating new risks for venture capitalists and private equity firms that invest in companies that qualify as business associates. How are these investors dealing with the challenge?
Although the enforcement date for the HIPAA Omnibus Rule was Sept. 23, compliance is an ongoing project, and educating smaller business associates is a continuing challenge, says Jeff Cobb, CISO at Capella Healthcare.
An audit protocol from federal regulators is a useful tool for covered entities and business associates that are conducting a risk analysis and beefing up HIPAA compliance efforts, says security expert Bill Miaoulis.