Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
The HIPAA Omnibus Rule stresses the need for business associates to adequately safeguard patient information. What are the implications? Here's what a federal privacy officer and a consumer advocate have to say.
Security threats to healthcare organizations are on the rise - and so are regulatory requirements. Kim Singletary of McAfee discusses the top breach prevention and response challenges for healthcare organizations in 2013.
In light of growing threats and the increasing complexity of information technology, organizations must get everyone in the enterprise, especially top leaders, involved in assessing and managing information risk.
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
Despite numerous data breaches, as well as financial incentives and penalties, many healthcare organizations aren't taking risk assessment requirements seriously. Experts offer insights on best practices.
Human genome sequencing can support groundbreaking research leading to improved treatments. But before genetic testing can become common, privacy issues need to be tackled, says Lisa M. Lee, who heads a presidential advisory panel.