Why do so many HIPAA -covered entities and their vendors do such a poor job managing security risk and safeguarding patient's protected health information? Many critical factors come into play, say Roger Severino, ex- director of HHS OCR, and Bob Chaput, founder of security consultancy Clearwater.
Chronic disease management firm Omada Health has been changing its approach to cloud intrusion prevention and detection, which is reducing time spent on investigating false positives, says the company's information security leader, Bill Dougherty.
The American Osteopathic Association has just begun notifying nearly 28,000 individuals about a June 2020 data exfiltration incident involving their personal information. The medical professional organization says workforce challenges during the pandemic led to the notification delay.
A flurry of hacking incidents and other recent breach developments highlight the cyberthreats and risks facing fertility healthcare and other related specialty providers that handle sensitive patient information.
A federal law signed earlier this year amending the HITECH Act could help incentivize many healthcare sector entities to bolster their cybersecurity programs, says federal adviser Erik Decker, CISO of Intermountain Health, who suggest other incentives, as well.
Deepayan Chanda discusses the four principles of cybersecurity - reliability, accuracy, architecture and resiliency - that he believes cover most of the aspects of how CISOs can maintain the level of cybersecurity that their organzations need to sustain attacks.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
The Department of Health and Human Services has named Lisa J. Pino - a former Department of Homeland Security official charged with mitigating the massive 2015 cyberattack on Office of Personnel Management - as the new director of its HIPAA enforcement agency.
The acquisition of the SAFE Identity consortium and its trust framework by DirectTrust, best known for creating and maintaining trust frameworks for secure email messaging in healthcare, will help facilitate new secure health information exchange use cases, says DirectTrust CEO Scott Stuewe.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Effectively managing the cybersecurity of thousands of medical devices takes a highly collaborative approach and "delicate balance" between IT security leaders, biomedical staff and others, say Baptist Health Care's CISO, Thad Philips, and the senior manager of the biomedical program, Tony Williams.
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
The impact of Hurricane Ida, including huge power outages, points to the importance of healthcare organizations and others having comprehensive business continuity and disaster recovery plans in place for natural disasters as well as cyber incidents.
Indianapolis, Indiana-based Eskenazi Health has acknowledged that hackers stole some data and posted it on the darkweb after a ransomware attack. But the organization says it's not yet determined if individuals need to be notified because its investigation is still underway.
Mastercard says that starting in 2024, banks and other institutions that issue its credit and debit cards will no longer need to include a magnetic stripe on the back, and that by 2033, m
agnetic stripes will be extinct. Given magnetic stripes' many security downsides, what's taken so long?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.