Government Accountability Office auditors say a lack of prioritization has kept agencies from requiring the use of personal identification verification credentials to obtain access to federal computer systems.
While it's good to see more privacy and security details included in the final version of the Federal Health IT Strategic Plan, much work remains to ensure patient information is protected when it's exchanged.
The compliance deadlines are aggressive - but so are today's threats, says Vishal Salvi, CISO of HDFC Bank, discussing the challenges of meeting the Reserve Bank of India's new information security standards.
Because social media pose significant risks to patient privacy, healthcare organizations need to develop detailed social media policies. But unfortunately, many organizations have yet to take that action.
Rep. Mary Bono Mack, at left in photo, wants security provider McAfee to brief the House subcommittee she chairs on its report of cyberattacks waged against governments and global businesses for more than five years it labels Shady RAT.
A new consumer survey suggests healthcare organizations still have a long way to go in educating patients about the benefits of electronic health records and easing their concerns about security issues.
Security experts at this week's Gartner Security and Risk Management Summit agree: Security, not compliance, has to be the new focus. Cyberintrusions cannot be stopped, and the RSA breach should be a lesson to the industry.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.