Security threats to healthcare organizations are on the rise - and so are regulatory requirements. Kim Singletary of McAfee discusses the top breach prevention and response challenges for healthcare organizations in 2013.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Human genome sequencing can support groundbreaking research leading to improved treatments. But before genetic testing can become common, privacy issues need to be tackled, says Lisa M. Lee, who heads a presidential advisory panel.
What's missing from remarks by Defense Secretary Leon Panetta, Senate Majority Leader Harry Reid and others is how the stalemate that led to the filibuster of the Cybersecurity Act could be resolved. Will the election make a difference?
Healthcare providers often fail to conduct comprehensive, timely risk assessments, as required by regulators. But security expert Kate Borten says they can leverage new guidance to help get the job done.
The Democratic Party platform on cybersecurity suggests that President Obama will take unilateral action to safeguard the nation's critical IT infrastructure because of Congress' inability to enact comprehensive cybersecurity legislation.
At St. Dominic-Jackson Memorial Hospital in Mississippi, a proactive breach prevention strategy has dramatically reduced privacy violations involving nosy healthcare workers inappropriately accessing medical records.
The United Kingdom and the United States are both cracking down on healthcare organizations that have experienced information breaches. But they're taking very different approaches. Which approach will prove most effective?