Whether you're preparing for the upcoming HIPAA compliance audits, pondering a move to cloud computing or developing a social media policy, it pays to get privacy and security tips from experts in the field.
Cloud computing contracts often assign certain liabilities to the customer. That means healthcare organizations, in some cases, may need additional insurance coverage, warns consultant Gerard Nussbaum.
Before entering a contract with a cloud computing vendor, it pays to do your homework on key privacy and security issues, three experts advise. They suggest demanding transparency into the details of all cloud operations.
Organizations entering into a contract with a cloud computing vendor need to have a clear understanding of how the vendor operates before signing off on their services, says Chris Witt of Wake Technology Services Inc.
Organizations eager to take advantage of cloud computing need to take a step back and consider many critical privacy and security issues, says Feisal Nanji, executive director at the security consulting firm Techumen.
"The more that you could focus in on computer science topics, to understand programming, network-based technology and mobile-based technology, the better off you're going to be," says Rob Lee of SANS Institute.
Experts advise healthcare organizations that are considering using cloud computing to ask vendors tough questions about privacy and security and carefully consider whether they need additional liability insurance coverage to address the risks involved.
The Department of Veterans Affairs is seeking advice from cloud computing vendors on the feasibility of using commercial software-as-a-service collaborative tools that eventually could meet the needs of all of its 134,000 medical personnel.
Healthcare organizations entering cloud computing contracts should carefully consider whether they need additional liability insurance coverage to address the risks involved, says IT consultant Gerard Nussbaum.
With the extension of ENISA's mandate into 2013 by the European Parliament & Council, the agency can continue to educate and collaborate with other nations on cybersecurity issues, an area of constant importance.
ISACA's Marc Vael says differences in cloud computing environments and cloud providers can pose security risks. But well thought-out contracts and risk-management plans can fill potential security gaps and ensure business continuity during outages and disasters.