Healthcare organizations need to implement role-based privacy and security training to identify specific types of education for employees with different levels of access to protected health information, says Alex Eremia, chief privacy officer at MedStar Health.
A personalized medicine project leveraging genetic information holds great promise for improving patient treatment but raises certain privacy issues, says Scott Megill, CIO at the Coriell Institute for Medical Research.
Art Coviello, RSA's executive chairman, confirms that information taken from RSA in March had been used as an element of an attempted broader attack discovered late last month on SecurID customer and defense contractor Lockheed Martin.
Despite improvement in organizations' abilities to plan for and predict disasters, they still lack an effective response. In fact, the biggest gap in business continuity today is understanding, says Lyndon Bird, director at the Business Continuity Institute.
The legislation sponsored by Senate Judiciary Chairman Patrick Leahy would nationalize data breach notification and stiffen penalties for those who fail to notify law enforcement and individuals of a data breach.
Our 2011 survey exposes barriers preventing government IT security practitioners from doing their jobs effectively, identifies services and technology they need to safeguard IT and determines the comfort level they have with cloud computing.
David Navetta, an attorney who specializes in IT security and privacy, says the magistrate's recommendation, if accepted by the judge, could set an interesting legal precedent about the security banks are expected to provide for commercial customers.
The soon-to-be issued FY 2011 Chief Information Officer FISMA Reporting Metrics from the Department of Homeland Security will require agencies to report on their progress in automating the continuous measurement of the most critical security risks.