Sometimes HIPAA training alone is just not enough to drill into peoples' heads why and how patient information needs to be protected. So, how are organizations getting medical staff to do the right thing?
A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
In parts of Europe and Asia, privacy legislation took solid steps forward in 2012. In the U.S., however, progress has stalled. Is the U.S. at risk of falling behind when it comes to privacy protection?
From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers?
McAfee CPO Michelle Dennedy and Intel CISO Malcolm Harkins work for the same company, but in some ways they are worlds apart. How must privacy and security leaders bridge gaps to face challenges ahead?
South Carolina's Revenue Department went nearly a year without a chief information security officer before its tax system was hacked this summer. The agency's chief says the state couldn't find a qualified candidate for the job that pays $100,000 a year.
Developing a bring-your-own-device
policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.
Incorporating new concepts such as security-control overlays and placing a renewed emphasis on information assurance, the forthcoming guidance is 'a total rewrite' from the 2009 version, NIST's Ron Ross says.
Gov. Nikki Haley realizes the potential political consequences of a breach, which explains why she held three press conferences on three consecutive days to address her administration's response to a computer breach of the state's tax IT system.
Text-messaging by physicians and other clinicians poses serious potential patient privacy risks. But with security controls in place, some healthcare organizations are giving a green light to texting in certain circumstances.
A key aim of the Next Generation Cyber Initiative has been to expand the FBI's ability to quickly define 'the attribution piece' of a cyberattack to help determine an appropriate response, the FBI's Richard McFeely says.