Are legislation and regulation a viable means of making people and organizations do better at securing data systems and devices? I’m not talking about FIAT the car maker, but fiat: “an official order given by someone who has power.” How’s that working in light of NIST CSF and HIPAA?
This is a quick reminder that the September 23 deadline for compliance with the new HIPAA regulations is rapidly approaching. Organizations that handle protected health information (PHI) need to be sure they are up to speed on the changes and ready to withstand scrutiny. In general, you will need new NPPs and BAAs (Notices of
What are the immediate practical implications of the Snowden-prompted revelation that the NSA has broken or circumvented a lot of commercially available encryption? For a start, you should not stop using encryption, but you may want to review how you use it moving forward, Stephen Cobb explains.
An infographic of recent healthcare IT security statistics paints a striking picture of much security work yet to be done, even as new medical privacy regulations go into effect.
Is your company ready for September 23, 2013, the deadline for compliance with HIPAA 2.0? The revised omnibus privacy and security regulations incorporating HITECH expose a lot more companies to possible fines.
Most people would agree that personal information, particularly health information, especially that pertaining to the brave men and women who serve in our armed forces, should be treated with care and protected from prying eyes at all times. But what should happen if this information is compromised? Surely we should do whatever we can to make sure no harm
Last week there was a report of a "health data breach" at Indiana University School of Medicine, hot on the heels of the "medical privacy breach" the week before at Stanford Hospital in Palo Alto, California. In the Stanford breach, a commercial website was found to contain data relating to 20,000 emergency room patients including