Security vendor products are held to a higher standard of security. They must help their customers solve complex security problems, as well as have the most stringent security measures in place throughout the software development lifecycle. To meet those standards, many security vendors are turning to more innovative...
Federal regulators have clarified that the use of texting to place orders, such as for medications or tests, on any platform - secure or not - is not allowed when treating Medicare and Medicaid patients. Security experts weigh in on key issues to consider when using texting for other purposes.
Personal details for 30,000 Medicaid recipients in Florida may have been exposed after a government employee fell victim to a phishing attack, state officials warn. The information could potentially be used to file false Medicaid claims.
Federal regulators have released a draft of a trusted health information exchange framework with some detailed security components that go beyond HIPAA requirements. The goal is to advance secure national health data exchange so that clinicians have quicker access to potentially life-saving information.
Despite receiving requests to better align a federal rule regarding the confidentiality of substance abuse records with the requirements of HIPAA, federal regulators only made minor tweaks to the confidentiality rule. Some experts say Congress would have to take action to pave the way for further changes.
In the Face of Advanced Threats, is Your Organization's Security Posture Reactive or Proactive?
Today's most advanced threat actors - whether external or internal - are stealthier than ever and able to hide within one's systems for days, weeks or even months as they gather intel and prepare to strike. Sixty-one...
SSH keys provide the highest level of access rights and privileges for servers, applications and virtual instances. Cyber criminals want this trusted status and invest considerable resources into acquiring and using SSH keys in their attacks.
Even though SSH keys are the credentials that provide the most privileged...
"Machines" as we know them are going through an identity crisis. Our increased dependence on them is so profound that even the definition of machine is undergoing radical change. The number and type of physical devices on enterprise networks has been rising rapidly, but this is outstripped by the number of...
In an usual move, federal regulators have made arrangements to have a cyber insurer cover a $2.3 million HIPAA penalty on behalf of a bankrupt cancer care clinic chain, 21st Century Oncology, which also signed false claims settlements totaling $26 million.
Crowdsourced cybersecurity, specifically bounty-based collaboration between organizations and white-hat hackers, is a burgeoning method of security reinforcement utilized by tech giants such as Google, Apple, and Microsoft, as well as other major companies in recent years.
Instead of awaiting a malicious breach,...
Two Indiana attorneys, frustrated by delays in obtaining patient records on behalf of clients, are seeking more than $1 billion in damages in a lawsuit alleging 60 hospitals in the state fraudulently received HITECH Act electronic health record incentive payments.
Some legal experts say a nearly $1 billion class action lawsuit filed against electronic health records vendor eClinicalWorks could be the first of many cases scrutinizing the data integrity issues of EHR vendors. Others, however, contend that those filing such lawsuits will face many hurdles.
The new FHIR standard is designed to help ease the exchange of health data among healthcare organizations across the nation. But there's one problem: The standard lacks a strong security component. That's why federal regulators have launched a competition to devise ways to enhance security for FHIR.