Notifying patients about a healthcare information breach requires a "difficult balancing act" by entities to ensure that risks are not exaggerated, says attorney Robert Belfort, an expert in HIPAA compliance, fraud and abuse.
A breach is a disaster, says business continuity specialist Ken Schroeder. So organizing an effective breach-response team does not require a reinvention of the wheel. What it does require is a holistic approach.
It's not a question of if employees will bring their own mobile devices to work and connect to your systems. It's a matter of when. But the benefits of BYOD outweigh the risks, says Malcolm Harkins, CISO of Intel.
Fraud threats have changed little in the past decade. But their global scale has, and James Ratley, president of the ACFE, details how fraud examiners must change their approach to fighting these crimes in 2012....
A federal appeals court has ruled in favor of victims of the 2007 Hannaford data breach. Attorney Ronald Raether explains the ruling and what it potentially means to future breached entities and their customers.
If management awareness of information security issues increases, will an organization's commitment to securing practices and policies also increase? This is the question answered by an eye-opening new study.
The lack of uniformity in federal and state privacy and security requirements is creating major challenges for health information managers attempting to comply, says Lynne Thomas Gordon, the new CEO of the American Health Information Management Association.
Deven McGraw, co-chair of the Privacy and Security Tiger Team that's advising federal healthcare regulators, explains why she's frustrated by delays in rolling out new regulations to protect electronic health records and safeguard the exchange of patient information.