Trust has been a murky trait on the Internet since its inception. Remember the New Yorker cartoon? A dog, sitting by a PC, says: "On the Internet, nobody knows you're a dog." It's hard to trust what you see on the Net. That's more true today than ever.
Early results from the Healthcare Information Security Today survey show that insider threats, such as records snooping and ID theft, are perceived to be the most significant security threats to healthcare organizations.
As banks and credit unions work toward compliance with the FFIEC's updated online authentication guidance, they need to place their efforts and attentions on risk assessments, says Doug Johnson of the ABA.
The Office of the National Coordinator for Health IT has issued an advance notice of proposed rulemaking, seeking public comment on metadata standards to support nationwide electronic health information exchange.
"These reforms were developed to remedy what had become routine in Washington: IT projects running over budget, falling behind schedule, or failing to deliver promised functionality," Federal CIO Steven VanRoekel says.
Boiled down to its essence, the latest guidance issued by the Federal Financial Institutions Examination Council (FFIEC) is rather simple.
Essentially it's asking U.S. financial institutions to mitigate risk using a variety of processes and technologies, employed in a layered approach. More specifically, it asks...
Encryption is evolving in terms of its role against the current threat landscape. And with the onslaught of advanced persistent threats, encryption stands out as a top contender in mitigating the risks.
For John Colley, managing director of (ISC)2 in EMEA, ethics need to be addressed more frequently in the workplace. Organizations can no longer assume information is legitimate or has been gained through ethical means.
Documenting procedures for the State Department's custom-made, continuous-monitoring tool known as iPost will help ensure that the data collected are appropriately used to protect the agency's global IT system, a GAO audit says.
The Health IT Policy Committee has endorsed best practices for giving patients clear and simple guidance regarding how to safeguard electronic health records when viewing or downloading them, such as through a hospital's or clinic's portal.
When preparing for a potential HIPAA compliance audit, former HIPAA enforcer Adam Greene advises healthcare organizations: "Don't panic. I'm skeptical if it's possible for an organization to be 'audit-proof.' If you try to scramble and get everything in order, you may fail."