Deven McGraw, co-chair of the Privacy and Security Tiger Team that's advising federal healthcare regulators, explains why she's frustrated by delays in rolling out new regulations to protect electronic health records and safeguard the exchange of patient information.
Healthcare organizations should carefully document all necessary breach investigation and notification actions and responsibilities to avoid chaos when an incident occurs, says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
It's one thing to have a data breach response team. It's quite another to ensure that team is made up of savvy personnel, says Brian Dean, a former privacy executive for KeyBank.
Understanding the definition is merely the beginning. Helping determine the role government should have over the critical infrastructure is something that shouldn't be left solely to lawmakers.
Five members of Congress have sent a bipartisan letter to the director of TRICARE, the military health program, asking detailed questions about a recent breach that affected 4.9 million beneficiaries.
Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
The emerging trend of class action lawsuits filed in the wake of major health information breach incidents offers one more incentive to boost breach prevention efforts.
What's really scary, beyond the obvious, is the risk this hidden software poses to organizations trying to protect the security of their data and the privacy of their employees.
"Cybersecurity remains a priority for my administration, and we are committed to protecting our critical infrastructure by taking decisive action against cyberthreats," President Obama says in a proclamation designating December Critical Infrastructure Protection Month.
Data breaches are all about reputational risk, says attorney Lisa Sotto. And as legal requirements grow, attorneys must play increasingly integral roles in helping clients respond to incidents.
IEEE sees 2012 as a disruptive year of widespread mobile-device intrusions as a growing number of smartphones - now 20 percent of the market - make them an attractive target for hackers.
In addition to the negative publicity associated with being included on the federal tally of major health information breaches, some organizations are experiencing yet another impact of breaches: class action lawsuits.
It's a new wave of cybercriminal behind the latest major data breaches, says breach expert Lucy Thomson. And these incidents are resulting in a new generation of breach notification laws globally.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.