Is Healthcare IT Security on Life Support?

January 13, 2012 Added by:Rafal Los

As costs pile up from beaches, innovation suffers. Ask someone who runs a hospital network - the true cost of innovation slow-down can be counted in lives. Maybe I'm being a little dramatic, but I suspect this is closer to reality than we'd like to admit to ourselves...

Comments  (0)


Do Subpoenas Trump HIPAA or Trample Security of PHI?

January 12, 2012 Added by:Rebecca Herold

I’ve spoken to many business leaders over the years, and most have gotten serious about ensuring safeguards are in place when putting their signatures on attestations and other types of legally binding documents. So, you need to have documented procedures in place...

Comments  (0)


Standards, Audits, and Certifications: Which One is Right?

January 10, 2012 Added by:Jon Long

Many are confused about when to use ISO 27001 certification, PCI certification, SOC 1 (aka SSAE16), SOC 2 & 3, NIST, and CSA STAR. If the information security community cannot decide which one to standardize on, how can customers be expected to know what to do?

Comments  (16)


Medical Device Security: Killed by Code

January 04, 2012 Added by:Danny Lieberman

I’ve been talking to our medical device customers about mobile security of implanted devices for over a year now. I think it’s only a question of time before we have a drive by execution of a politician with an ICD (implanted cardiac device)...

Comments  (0)


Medical Device Security

December 27, 2011 Added by:Danny Lieberman

A threat analysis was performed on a medical device used in intensive care units. The analysis considers the security implications of deploying the devices inside a hospital network. Different stakeholders have different security and compliance concerns and therefore different agendas...

Comments  (0)


HIPAA Security Rule Toolkit Available from NIST

December 21, 2011 Added by:Headlines

"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment..."

Comments  (1)


Are Your Health Records at Risk?

December 14, 2011 Added by:Christopher Burgess

Have we now arrived at the point in obtaining medical care that in addition to looking into the medical practitioner's experience and confirming they are compliant with HIPAA, that we now must review their data handling policies before choosing a health care provider?

Comments  (0)


HIT Security: Conclusions in a Contradictory Report-Sandwich

December 02, 2011 Added by:Ed Moyle

The barometer that the Ponemon study uses (i.e. breach disclosures, breach impact) could actually be an indicator of better security instead of worse. It could be the case that breaches are on the rise because we're finding them more because not looking for them so violates federal law...

Comments  (0)


HIPAA Tool Helps Organizations Meet Security Requirements

November 30, 2011 Added by:Headlines

A new tool, developed by the NIST is intended to be a resource that organizations can use to support their risk assessment processes by identifying areas where security safeguards may be needed to protect EPHI, or where existing security safeguards may need to be improved...

Comments  (0)


Healthcare Data Breach Response Best Practices

October 30, 2011 Added by:Christine Arevalo

Taking a PHI inventory, establishing an Incident Response Plan, meeting patients' real needs, and looking for the positive aspects of a data breach can all reflect your culture of commitment and caring. And that's the best practice of all...

Comments  (0)


How FERPA Compares to HIPAA

October 26, 2011 Added by:David Sopata

Even through HIPAA has been around since 1995 it really had not gained momentum until the past few years when fines started being issued. However, there is a privacy law that has been on the books for much longer than HIPAA and it is the Family Educational Rights and Privacy Act or FERPA...

Comments  (0)


HHS to Start Auditing For HIPAA Compliance

September 14, 2011 Added by:Emmett Jorgensen

Despite both HIPAA and the HiTECH Act, healthcare data breaches have been popping up regularly. A recent study found over 70% of hospitals had data breaches last year. This has generated concern over Healthcare’s adoption of security procedures and the overall effectiveness of HIPAA...

Comments  (4)


Privacy and Security Policies: A HIPAA-HITECH Checklist

July 24, 2011 Added by:Jack Anderson

"An important component of preparing for a potential HIPAA compliance audit is to complete a walk-through to make sure privacy and security policies and procedures are practical and effective..."

Comments  (0)


Patient Data: The Crown Jewels

July 21, 2011 Added by:Christopher Burgess

When the first five months provides a rate of one million records a month in lost patient data, by year’s end five percent of the US population will have had their medical records compromised. We have no choice but to take action now and keep the second half of 2011 from replicating the first...

Comments  (0)


Why Windows is a Bad Idea for Medical Devices

July 12, 2011 Added by:Danny Lieberman

Vendors that use Windows for less critical devices are actually increasing the threat surface for a hospital since any Windows host can be a carrier of malware, regardless of it’s primary mission function, be it user-friend UI at a nursing station or intensive care monitor at the bedside...

Comments  (0)


UCLA Health System Pays $865K to Settle HIPAA Violations

July 10, 2011 Added by:Rebecca Herold

“Covered entities need to realize that HIPAA privacy protections are real and OCR vigorously enforces those protections. Entities will be held accountable for employees who access protected health information to satisfy their own personal curiosity..."

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »