An important component of preparing for a potential HIPAA compliance audit is to complete a "walk through" to make sure privacy and security policies and procedures are practical and effective, former HIPAA enforcer Adam Greene advises.
The FFIEC's updated online authentication guidance urges banks and credit unions to do better jobs of authenticating and identifying devices, areas that aren't bolstering the kind of security they could, says security expert Ori Eisen.
The Department of Health and Human Services has published a proposed rule that describes privacy, security and many other standards for web-based state insurance exchanges called for under the healthcare reform law.
Now that the FFIEC Authentication Guidance update has been issued, there is no more important task for banking institutions than to conduct their risk assessments, says Matthew Speare of M&T Bank Corp.
The long-overdue HIPAA compliance audit program likely will launch late this year or early in 2012 after up to 20 test audits are completed, says Susan McAndrew, deputy director of the federal agency overseeing the program.
In one of the largest health information breaches reported so far this year, Spartanburg Regional Healthcare System in South Carolina has notified 400,000 of an incident involving the theft of a desktop computer from an employee's car.
As a report of one of the worst digital assaults against the Pentagon surfaces, Deputy Secretary William Lynn III unveils a new Defense Department cyberspace strategy in which the Pentagon will more actively defend military and defense industry systems and networks.
By leveraging infrastructure that exists, a DoD-DHS-private sector cyber pilot suggests the nation can provide substantial additional protections across its critical infrastructure for only a fractional increase in cost.
Now that the FFIEC's updated online authentication guidance is out, banking institutions need to move forward in preparation for 2012 compliance, says Julie McNelley, banking fraud analyst for Aite Group.