When it comes to breach prevention, many organizations are improving their own security posture, but neglecting that of their strategic partners. Trend Micro's Tom Kellermann outlines third-party risks.
In an interview about virtual supply chain threats, Kellermann discusses:
Supply chain gaps organizations...
Intermountain Healthcare deserves praise for its gutsy leadership on information security. It's calling attention to the value of thorough risk assessments, acknowledging its need to improve security and developing best practices to share.
Intermountain Healthcare stepped up its risk assessment efforts to better identify security issues and help ensure it can pass a federal HIPAA audit. Plus, it's developing security best practices to share with others.
With promises of ramped up HIPAA enforcement by federal regulators, and changes in the breach notification rule under the HIPAA Omnibus Rule, it's time for organizations to get serious about insider risks.
How can smaller healthcare organizations determine whether a vendor is a business associate or subcontractor directly liable for compliance under the new HIPAA Omnibus Rule? Regulatory expert Marjorie Satinsky explains.
In 2012, ExperianÂ® Data Breach Resolution dealt with 1700 breaches - 800 of them in the healthcare sector. What are the common gaps for organizations looking to comply with new HIPAA Omnibus standards?
Consumer advocate Deven McGraw says many provisions in the HIPAA Omnibus Rule, including better breach notification guidance and expansion of HIPAA liability to business associates, will provide substantial benefits to patients.
A $400,000 federal penalty stemming from the investigation of a breach at a clinic owned by Idaho State University is the latest example of how even relatively small security incidents can trigger hefty sanctions.
When it resumes, the HIPAA compliance audit program will be more focused in terms of what's evaluated but will encompass a broader range of organizations, says Verne Rinker of the HHS Office for Civil Rights.
The latest statistics on major healthcare data breaches for 2013 are encouraging. But could we see a surge in breach reports after organizations begin using updated federal guidance about how to assess whether to report a breach?