In addition to the negative publicity associated with being included on the federal tally of major health information breaches, some organizations are experiencing yet another impact of breaches: class action lawsuits.
Ongoing HIPAA compliance training is key to breach prevention, says Terrell Herzig of UAB Medicine. Yet many healthcare organizations are lacking in their efforts, according to results from the Healthcare Information Security Today survey.
Winning senior executive support for information security spending requires "a solid business case of justifications," says Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center.
Improving regulatory compliance efforts is the No. 1 information security priority for healthcare organizations in the year ahead. That's a key finding of the inaugural Healthcare Information Security Today survey.
Medtronic's announcement that it's launching an "in-depth risk/benefit analysis" following an "ethical hack" of one of its insulin pumps is good news. We hope that Medtronic and all other medical device manufacturers launch long-overdue, aggressive efforts to improve medical device safeguards.
Heavily regulated industries like banking and healthcare have been reluctant to make the virtualized leap to the cloud, fearing a loss of control could open them to unforeseen risk. Are their concerns unfounded?
The total number of Americans affected by major health information breaches since the HIPAA breach notification rule took effect could grow by more than 50 percent once two major recent incidents are added to the official federal tally.