"Raising the security awareness of your workforce is your best defense against having a breach incident," says David Holtzman, who's on the federal team that enforces the HITECH Act breach notification rule.
Well-publicized health information breach incidents are serving as important reminders that paying attention to the physical security of data centers is a vital component of any information security strategy.
Three recent breach incidents, each involving the loss or theft of back-up drives, illustrate that some organizations are doing a better job than others in informing consumers about the steps they're taking to prevent more breaches.
Although many organizations are using encryption to protect data on mobile devices, they're often overlooking other important ways to prevent health information breaches, says Terrell Herzig, information security officer at UAB Medicine.
Clinics applying for HITECH Act electronic health records incentive payments are getting a reminder about the importance of information security, says Robert Tennant of the Medical Group Management Association