In its third enforcement action in recent weeks, federal regulators have hit a Colorado medical center with a HIPAA fine in a case involving failure to terminate a former employee's remote access to patient data. Other organizations can use the case as a "teachable moment," one attorney advises.
Multifactor authentication and privilege-based controls are among the forms of identity and access management that can help security leaders address key vulnerabilities in their organizations, says Charanjit Singh Sodhi of Normura Wholesale, who offers advice.
A security review of two Medicaid managed care organizations in Arizona revealed several significant access control and configuration vulnerabilities, raising concerns about whether other MCOs face similar challenges.
Over the past decade, businesses have become more global as they decentralize and
externalize non-core business functions, transitioning them to a network of suppliers,
factories, warehouses, transporters, and other value chain stakeholders. As a result, the
value chain has become even more complex and vulnerable...
Uber has been slammed with $1.2 million in fines by U.K. and Dutch privacy regulators for its cover-up of a 2016 data breach for more than a year. The breach exposed millions of drivers' and users' personal details to attackers, whom Uber paid $100,000 in hush money and for a promise to delete the stolen data.
Patient identity management is the prescription for improving remote patient access, portal adoption and patient satisfaction. Forward-thinking enterprises have realized that integrated proven strategies for identity management are a significant factor in success for both patients and providers.
Despite increased use of two-factor authentication, single sign-on, and biometrics, passwords are still the most common form of authentication. However, when a significant percentage of breaches are caused by weak, stolen, or reused passwords, it's clear passwords pose significant risks that can't be ignored.
You know password management is important. But is your business failing to invest in this easy security and productivity win?
In this Global Password Security Report, we're uncovering the true state of corporate password security around the world. We analyzed aggregated data from more than 43,000 businesses using...
A vulnerability is only as bad as the threat exploiting it and the impact on the organization. Security and risk management leaders should rate vulnerabilities on the basis of risk in order to improve vulnerability management program effectiveness.
Gartner receives frequent inquiries from clients who are...
Bankers Life is notifying more than 566,000 individuals, including Medicare supplemental insurance policyholders, that their personal information was exposed in a hacking incident. Employee credentials were compromised, enabling unauthorized access to certain company websites containing personal data.
Identity and access management is not about compliance anymore - It's really about security, says Gartner's Felix Gaehtgens. With cloud, virtualization, DevOps and other IT trends, IAM has evolved from being a one-off project to an ongoing initiative.
Certain cloud security solutions will protect you today but which are best designed for the future?
Download this checklist to determine how ready your cloud security solution is to meet the challenges of the Vanishing Perimeter and deliver always-on, everywhere protection.
Hackers remotely accessing medical devices and systems - potentially disrupting care and putting patients at risk - is the No. 1 technology hazard facing healthcare entities in the year ahead, according to a new report from the ECRI Institute. Security experts size up the significance of this risk.
Healthcare organizations often fail to address five fundamental elements of a solid cybersecurity program, says security expert Mark Johnson of the consultancy LBMC Information Systems, who formerly was CISO at Vanderbilt University and Medical Center.