"Until they personally suffer pain, they don't think it is something that can happen to them," says Eric Cole, an insider threat expert and SANS Institute faculty fellow.
Community hospitals must become more vigilant about information security, especially as they apply for federal electronic health records incentive payments, says Chuck Christian, CIO at Good Samaritan Hospital in Vincennes, Ind.
The recent WikiLeaks release of thousands of sensitive government documents puts security leaders on notice: The breach threat is real, and no organization is immune.
Staff training, aggressive breach prevention efforts and strong sanctions for violating policies are key to creating a corporate culture that values privacy and security, says Alan Dowling, the new CEO of the American Health Information Management Association.
Information security incidents are more sophisticated - and so are the criminals who perpetrate them. This raises the bar for professionals seeking careers in incident response in 2011.
Healthcare organizations need to improve the methods they use to objectively assess the severity of a security incident and whether it should be reported, says David Parks, a privacy officer and attorney.
When it comes to managing relationships with business associates to help with HITECH Act compliance, healthcare organizations could learn some lessons from the banking industry.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
