Recent breaches and regulatory audits have sharpened the focus on third-party risks. How are healthcare entities tackling this critical topic of business associate management? Attorney David Szabo shares insights.
When it comes to health data breaches, business associates are again grabbing headlines, calling attention to the importance of scrutinizing vendors. The latest incident involves a breach that wasn't reported to a covered entity for eight months.
With regulators gearing up to begin the next phase of HIPAA compliance audits, many covered entities appear to be overconfident about passing that scrutiny, according to the results of ISMG's latest Healthcare Information Security Today survey.
The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
An amended version of the 21st Century Cure bill has passed its first Congressional hurdle without revisions to provisions that would significantly change the HIPAA Privacy Rule. The bill also would set penalties for blocking information sharing.
Some privacy experts are concerned that a proposed "21st Century Cures" bill would weaken HIPAA privacy protections for patient data. The measure is designed to help speed up the development of new drugs and treatments.
Bank of the West prides itself on being an innovator in customer education about fraud prevention. But customers still don't want to be inconvenienced with arduous security hoops, says bank fraud prevention officer David Pollino.
(ISC)Â² and the Cloud Security Alliance have unveiled a new cloud security professional certification designed to measure advanced competence. Will training for the certification help professionals gain a better understanding of cloud security?
Not all threat intelligence is created equally, says Fortinet's John Maddison. And it's not just external threats organizations should be most concerned about. Why more businesses need to focus on inside-out security.
At a time of sweeping change in cybersecurity, attorney Stephen Wu says organizations need to be prepared from a compliance, incident response and risk management perspective to address novel situations stretching society's capabilities.