Improving regulatory compliance efforts is the No. 1 information security priority for healthcare organizations in the year ahead. That's a key finding of the inaugural Healthcare Information Security Today survey.
"It should provide fuel for anyone calling for data breach legislation to include criminal sanctions ...," says Neal O'Farrell of the Identity Theft Council. "This was nothing short of a clumsy cover-up."
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
About 4.9 million patients treated in San Antonio area military treatment facilities since 1992 have been affected by a health information breach involving the theft of backup tapes for electronic health records.
With the announcement of a breach affecting 4.9 million patients in the Defense Department's TRICARE healthcare program, there have now been five incidents that each affected at least 1 million individuals since the HIPAA breach notification rule took effect.
A new report to Congress about major healthcare information breaches shows that federal officials have yet to complete their investigations of corrective actions taken in the wake of 70 percent of incidents.
As of Aug. 22, 306 major health information breaches affecting a total of almost 11.7 million individuals were included in the official federal tally. Fourteen incidents affecting a total of about 270,000 were added since July 22.
In order to comply with regulatory obligations all financial organizations should encrypt sensitive and confidential data anywhere it might be found or sent. But the ROI is not just compliance. Encryption can not only provide a solid defense against data breaches, but it can generate a positive return and create new...