A new guide from WEDI offers some basic tips for organizations assessing incidents under the HIPAA Omnibus breach notification rule. But it's important to address additional factors for effective beach assessment and response, two experts say.
Many endpoints in the healthcare sector, including medical devices, are being hacked because of inadequate security, according to a new study from the SANS Institute that identified apparent vulnerabilities at 375 organizations.
Now that the cybersecurity framework has been released, security experts are pondering whether the voluntary approach to following the guidance might eventually need to be replaced by some sort of mandate.
The RSA Conference 2014 will be held Feb. 24-28 in San Francisco, and Information Security Media Group will be the only Diamond Media Sponsor. Learn what's on the agenda at this world-class security event.
Today's threat landscape is rapidly expanding to include cyber-attacks attributed to nation states. How must organizations respond? Mike McConnell, former U.S. National Intelligence Director, shares insight.
Healthcare providers are turning to patient portals to provide remote access to electronic health records. But they face challenges when giving parents access to the records of minors of a certain age, says attorney Adam Greene.
Some people say the U.S. faces a cybersecurity staffing shortage. Renowned computer science professor Eugene Spafford disagrees. He discusses what he sees as the real shortage and what we can do about it.
A government watchdog plans a variety of activities to scrutinize the data security practices of healthcare providers, including hospitals' security controls over medical devices. It also will take a close look at the HealthCare.gov website.
Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.