The HIPAA Omnibus Rule stresses the need for business associates to adequately safeguard patient information. What are the implications? Here's what a federal privacy officer and a consumer advocate have to say.
Security threats to healthcare organizations are on the rise - and so are regulatory requirements. Kim Singletary of McAfee discusses the top breach prevention and response challenges for healthcare organizations in 2013.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
In a merger, communication is essential for ensuring security and privacy challenges are met, says Christopher Paidhrin of PeaceHealth Southwest Medical Center, whose parent company recently went through a merger and will soon undergo another.
While the Office of the National Coordinator for Health IT continues work on mobile device security guidance for smaller healthcare organizations, a researcher offers insights on steps these providers can take now to improve security.
What's the best way to win a CEO's support for greater information security investments? Consultant Eric Mueller advises IT security professionals to spell out the business impact of inadequate security.