Every new cybersecurity regulation includes at least some emphasis on improving vendor risk management. But what happens when vendors balk at the extra degree of scrutiny required? Moffitt Cancer Center's Dave Summitt describes his risk-based approach to business associates.
HealthcareInfoSecurity Executive Editor Marianne Kolbasuk McGee reflects on the just-concluded Healthcare Security Summit in New York in the latest edition of the ISMG Security Report. Also, PCI Security Standards Council CTO Troy Leach addresses ransomware risks.
Healthcare organizations, regardless of size, IT resources and budget, are faced with adequately protecting sensitive information and complying with HIPAA, PCI and other requirements. But many healthcare organizations that need to mature their cybersecurity programs struggle with where to start. What will deliver the...
Data protection legislation and regulatory enforcement actions are rapidly changing throughout the world and are having an immediate impact on how organizations globally approach cybersecurity, privacy, breach notification and data storage and protection. However, too frequently, U.S. healthcare sector organizations...
Leading the latest edition of the ISMG Security Report: An interview with the head of a new cyber initiative to help political campaigns and local, state and federal election officials safeguard America's electoral process. Also, analyzing the evolving characteristics of the healthcare breach.
Writing the obituary for the lifeless Neutrino exploit kit leads the latest edition of the ISMG Security Report. Also, judging the value of the Department of Health and Human Services' wall-of-shame website of healthcare sector breaches.
The FDA has warned Abbott that it must submit a plan within 15 days to address previously identified cybersecurity vulnerabilities and other potential safety issues in certain cardiac devices of St. Jude Medical, which Abbott Labs acquired in January.
A Texas-based pediatric practice is the latest healthcare entity to report a major data breach following a recent ransomware attack, despite the organization's efforts to mitigate the incident quickly.
Since March 2016, the OCR has been increasingly aggressive in bringing enforcement actions against healthcare organizations who have had PHI compromised through data breaches.
Get this guide to learn the important aspects of the Health Information Portability and Accountability Act (HIPAA) and how an appropriate...
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.
In this edition of the ISMG Security Report: an analysis of a major fine against a Texas hospital and its implications for how the Trump administration might enforce HIPAA rules. Also, an IRS-related phishing scheme targets businesses.
In this edition of the ISMG Report: An FTC complaint filed against a camera manufacturer could signal the start of a trend to regulate IoT security. Also, Donald Trump adviser Rudolph Giuliani's cybersecurity credentials are questioned, and a terrorist shooting prompts new privacy guidance.