In the twelfth HIPAA enforcement action so far this year, federal regulators have smacked St. Joseph Health System with a $2 million penalty after investigating a breach that exposed patient information to internet searches for more than a year. And more enforcement actions tied to other breaches are on the way.
Virtually every industry is prone to cyberattacks, online fraud and identity theft. For years' banks have secured online transactions for commercial accounts and private banking customers via multifactor authentication. Now through organizations like the NCSA and HIMSS, multifactor authentication may finally become...
Under a hefty new Medicare payment reform final rule, healthcare providers must attest that they will not inappropriately block secure patient information exchange. But how will the provisions work?
With comprehensive network modeling extending into virtual networks, network security engineers can gain the needed visibility to unify security and compliance processes across their hybrid hardware and virtual environments.
Under Australia's strict definition of a cyberattack, the country has never actually experienced one. The claim underscores ongoing questions about how to describe cybersecurity incidents.
Understanding the difference between cybersecurity crisis management and security incident response could be critical to your organization's survival. In this blog, a CISO offers insights on creating an effective crisis management plan.
Nine technology companies have recently founded the Vendor Security Alliance (VSA), an independent, non-profit coalition that aims to help member companies evaluate or assess the security and privacy of third-party providers whom they heavily rely on and even entrust their users most important data with. They also...
If you look beyond the political bickering and study the cybersecurity platforms that presidential candidates Hillary Clinton and Donald Trump have posted on their campaign websites, you'll see that their approaches are similar in some respects.
New long-awaited federal guidance clarifies that cloud services providers that handle protected health information are nearly always considered business associates under HIPAA and, as a result, must meet the regulation's security requirements.
Hacker attacks continue to account for the vast majority of health data breach victims this year, according to the latest federal tally. Some security experts expect that trend will persist as long as many organizations focus narrowly on HIPAA compliance rather than larger cybersecurity issues.
Sadly, users are still their own worst enemy as they are not taking the safeguards to help protect themselves in digital mobile market today. As reported by Infosecurity Magazine, today, only 45% report locking their phone with a pin, password or biometric. Yet 83% of consumers are extremely, very or somewhat...
Because the legal relationships between healthcare organizations can be very complex, it's not always crystal clear when business associate agreements should be in place to help safeguard patient data, says privacy attorney Adam Greene. He explains the legal issues in this in-depth interview.
Attackers have healthcare entities in their crosshairs, and their favorite targets are easily compromised credentials. Tracy Hulver of Synchronoss offers new ideas for how security leaders can better manage and secure identities.
Even when entangled in billing or other disputes with covered entities, business associates may not hold hostage the protected health information of patients, federal regulators say in recently issued guidance.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.