search result

September 23, 2013: HIPAA health data security compliance deadline looms

Is your company ready for September 23, 2013, the deadline for compliance with HIPAA 2.0? The revised omnibus privacy and security regulations incorporating HITECH expose a lot more companies to possible fines.

HIPAA 9/23 compliance deadline looms as breaches continue

This is a quick reminder that the September 23 deadline for compliance with the new HIPAA regulations is rapidly approaching. Organizations that handle protected health information (PHI) need to be sure they are up to speed on the changes and ready to withstand scrutiny. In general, you will need new NPPs and BAAs (Notices of

More on HIPAA is not privacy

Back in January I blogged about a shortcoming of HIPAA. HIPAA legislation is, in part, supposed to help protect our privacy when dealing with health care providers. Unfortunately there is a hole in the legislation that you can fly a Boeing 747 through. Many of us have to log on to a web site to

Mobile health IT security challenge: way bigger than HIPAA?

Wearable technology and other health-related devices were big at the 2015 Consumer Electronics Show (CES) earlier this month. This recorded webinar explains why these and related technologies present big challenges for data privacy and security.

HIPAA is not privacy

Many people in the US associate HIPAA with the rules required to protect medical data. It actually is a lot more than that, but the HIPAA laws do require some minimal standards for medical providers. I recently came across an example of where HIPAA is ineffective. The medical providers are required to protect your data,

The state of healthcare IT security: are Americans concerned enough?

The privacy and security of medical records is a matter of concern to many Americans now that most are stored electronically, but is there cause for concern? And who is most concerned?

Encryption essential for cyber security: A million reasons to encrypt sensitive data

Encryption is essential to cyber security today, with encryption of personally identifiable information (PII) being a top priority for organizations large and small, to protect customers and avoid fines and penalties after data breaches.

Is cybersecurity by fiat dead on arrival?

Are legislation and regulation a viable means of making people and organizations do better at securing data systems and devices? I’m not talking about FIAT the car maker, but fiat: “an official order given by someone who has power.” How’s that working in light of NIST CSF and HIPAA?

Encryption advice for companies in the wake of Snowden NSA revelations

What are the immediate practical implications of the Snowden-prompted revelation that the NSA has broken or circumvented a lot of commercially available encryption? For a start, you should not stop using encryption, but you may want to review how you use it moving forward, Stephen Cobb explains.

How can doctors practice better health information security?

Did you know that medical data on 20,000 people may be exposed to abuse today? As a healthcare practitioner, you may not be aware of the value of the data in your care, but criminals certainly are.

Military Health Records Deserve Better Than This

Most people would agree that personal information, particularly health information, especially that pertaining to the brave men and women who serve in our armed forces, should be treated with care and protected from prying eyes at all times. But what should happen if this information is compromised? Surely we should do whatever we can to make sure no harm

Healthcare IT security: infographic stats point to big privacy holes

An infographic of recent healthcare IT security statistics paints a striking picture of much security work yet to be done, even as new medical privacy regulations go into effect.

The Good News About Security and Privacy Breaches: An Opportunity to Learn

Last week there was a report of a "health data breach" at Indiana University School of Medicine, hot on the heels of the "medical privacy breach" the week before at Stanford Hospital in Palo Alto, California. In the Stanford breach, a commercial website was found to contain data relating to 20,000 emergency room patients including

Sharing versus Security: Driving without Brakes

Does the enterprise still have a choice about sharing information?

1000 days of Conficker

Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.

Cyber security road map for businesses

Basic advice on cyber security survival for businesses is presented as a 6-step roadmap, along with links to free resources that can be useful in your efforts to defend your business.

GDPR Day: countdown to a global privacy and security regimen?

This thing called GDPR will impact data security and privacy policy at many US firms when it takes effect two years from today. Start learning what the EU General Data Protection Regulation means to your business.

ESET predictions and trends for cybercrime in 2016

It’s that time of the year when the information security industry takes part in its annual tradition: coming up with cybercrime predictions and trends for the next 12 months.

Cyber risk analysis, assessment, and management: an introduction

Risk analysis is the first step towards managing risks, particularly when it comes to cyber risks. This recorded webinar introduces and explains key concepts, with links to several useful risk assessment tools.

OFAC! An acronym that cybersecurity professionals need to know

OFAC will soon be enforcing economic and trade sanctions against individuals and groups outside the United States that use cyber attacks to threaten U.S. foreign policy, national security or economic stability.

Copyright © 2016 ESET, All Rights Reserved.