The recent surge in ransomware attacks on hospitals has at least one member of Congress contemplating whether HIPAA's breach notification requirements need to be clarified or updated to reflect the trend.
Now that the Department of Health and Human Services has announced that it will soon begin the next round of HIPAA compliance audits, organizations need to take specific steps to prepare in case they're chosen for scrutiny, says attorney Robert Belfort, a regulatory specialist.
HHS says it has launched "phase two" of its HIPAA compliance audit program, portraying this as another interim step toward a permanent program. But will Congress ever approve enough funding to ramp up audits?
Smaller hospitals and clinics must avoid the common mistake of thinking they won't fall victim to cyberattacks, warns risk management expert Tom Andre, vice president of information services at the Cooperative of American Physicians.
The HHS Office for Civil Rights is moving too slowly in issuing HIPAA guidance related to mobile health apps, cloud storage and other emerging technologies, according to a bipartisan group of congressmen. Does OCR have too much on its plate?
In a one-on-one discussion about today's top healthcare security challenges, Premise Health CISO Joey Johnson talks about the "paradigm shift" needed to move entities from a compliance mindset to one that embraces true cybersecurity.
The nonstop pace of "Apple vs. FBI" updates and related crypto debates seemed to exceed both the U.S. government's and the information security industry's advanced persistent spin-cycles at this year's RSA Conference.
It's springtime in San Francisco: cue the annual RSA Conference. Here are some notable trends that have already emerged from the event, ranging from ransomware and phishing attacks to hacker self-promotion and Facebook fakery.
Despite the pervasiveness of data breaches, healthcare organizations are still playing catch-up on implementing strong, risk-based security programs, rather than focusing solely on HIPAA compliance, says David Finn of Symantec. He offers a preview of his session at the HIMSS 2016 Conference about a new survey.
To the list of vulnerable, Internet-connected devices - from routers and home alarms to baby monitors and toys - now add the world's most popular electric car: the Nissan LEAF. Nissan says a full fix is forthcoming.
As a result of high-profile breaches, emerging malware threats and increased regulatory scrutiny, CISOs at financial institutions are under more pressure than ever to develop innovative strategies for enhancing cybersecurity. And the CISO's evolving role will be a hot topic at RSA Conference 2016.
Java users are being warned to only use newly released installers to avoid a nasty potential exploit. Meanwhile, a veteran bug hunter questions whether Oracle's move to ditch Java browser plug-ins will have a significant security upside.