The HIPAA Omnibus Rule stresses the need for business associates to adequately safeguard patient information. What are the implications? Here's what a federal privacy officer and a consumer advocate have to say.
In this week's breach roundup, read about the latest incidents, including a breach at Educause that exposed hashed passwords, and a theft at Crescent Healthcare's billing center that involved patient data.
The big, external breaches get the headlines, but the insider crimes are doing significant financial damage, says Tim Ryan of Kroll Advisory Solutions. How can organizations address the insider threat?
Paige Leidig, chief marketing officer of CipherCloud, says information protection requirements continue to be the primary hurdle for enterprise adoption, despite explosive growth in the cloud content and collaboration market and its evident advantages to productivity and cost efficiencies.
Your organization has been attacked or threatened, and you can trace the actor. Should you "hack back" in response? Two noted information security and privacy attorneys discuss the merits of active defense.
Because managing identities is a global problem, it requires a global solution, says Paul Simmonds of the Jericho Forum. A new organization has been established to address global identity. Simmonds offers insight.
Call center fraud is increasing, and it's not just financial institutions feeling the pain, says Pindrop Security's Matt Anthony. Now, a database of phone numbers aims to help organizations mitigate risks.
CISOs looking for a way to build credibility with senior executives - and win funding for important projects - need to drop the "just say no" approach and build a reputation as a team player, says security professor Ray Davidson.