The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
Information security and privacy work in healthcare environments often requires a depth of specialized knowledge and competency that can be validated through the help of professional credentialing, says CISO Sean Murphy.
The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
The basis of any good security program is conducting a thorough and timely risk analysis; but that can be difficult for smaller healthcare organizations. That's why a federal agency will soon unveil an app designed to make the process easier.
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.
Now that he's taken on the job of CISO of a software vendor, Jennings Aske, the former info security and privacy officer at Partners HealthCare, talks about dealing with compliance issues from the new vantage point of a business associate.
Leon Rodriguez, director of the HHS Office for Civil Rights, could leave the HIPAA enforcement agency to become the director of U.S. Citizenship and Immigration Services if his presidential nomination is formalized and he wins Senate approval.
Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT, offers insights on the best ways to prevent data breaches involving lost or stolen devices or records snooping.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?