After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
Federal regulators are sending a powerful message about the importance of applying software patches by slapping an Alaska mental health services providers with a $150,000 HIPAA sanction. Learn what's included in the corrective action plan.
Lawmakers and their staffs are working behind the scenes to get one or perhaps two pieces of cybersecurity legislation enacted before the 113th Congress adjourns this month. But passage remains a longshot.
A former hospital CFO has pleaded guilty to submitting false documents so the medical center could receive payments from the HITECH Act EHR incentive program. Some legal experts say other federal prosecutions for HITECH Act fraud are likely.
The secure national exchange of patients' health information for use in treatment will make progress once "we simplify what we say when we're explaining privacy to people," says Lucia Savage, new chief privacy officer of ONC.
Sophisticated threats require advanced threat protection. A threat-focused next-generation firewall must adhere to three strategic imperatives. Learn how these imperatives improve defense against advanced threats.
Once the now-delayed HIPAA compliance audits resume, federal regulators will be conducting more on-site audits and fewer remote desk audits of covered entities and business associates than originally planned.
Enterprises need to think beyond malware, breaches and insider threats when assessing information security. Keeping hardware up and running - available - is a crucial aspect of securing essential data.
To fill a gap in professional development and educational resources for healthcare information security leaders, the College of Healthcare Information Management Executives has launched a new offshoot group for healthcare CISOs.
Prosecutors in Texas have taken the rare move of pursuing criminal charges against an individual for alleged HIPAA violations. The case is a reminder that health workers can face prison time and hefty monetary fines for wrongful disclosures of PHI.
It's hurricane season, but natural and man-made disasters can happen anytime. Unfortunately, healthcare organizations are often unprepared for how to rebound so their data operations continue to run smoothly and securely in the wake of a crisis.
As the HHS Office for Civil Rights prepares for a change in its top leadership, information security leaders are watching to see whether the strategies of the HIPAA enforcement agency might shift as well.