Healthcare organizations should carefully document all necessary breach investigation and notification actions and responsibilities to avoid chaos when an incident occurs, says Dawn Morgenstern, privacy official at the Walgreens national drugstore chain.
2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
Dan Waddell of Tantus Technologies says giving back to the community is every information security professional's responsibility. And with the insurgence of cybercrime affecting all walks of life, now is the ideal time to get started.
To win support for information security spending, IT security professionals need to refine how they make their case to senior executives, says Christopher Paidhrin, security compliance officer at PeaceHealth Southwest Medical Center. Here's how.
ACH fraud victim Mark Patterson says small businesses like his welcome improved online security measures from banking institutions. But is the new FFIEC Authentication Guidance sufficient? Patterson says no.
U.S. and Estonian authorities have broken up one of the largest Internet crime schemes that allegedly netted $14 million in fraudulent advertising fees and infected 4 million computers in 100 countries.
Bank of America's Keith Gordon says securing the mobile channel is much like securing any other banking channel: Controlling risks requires layers of security and controls. But educating customers plays a key security function, too.
An estimated 650,000 customers have recently switched from big banks to community banks and credit unions. But are these smaller institutions prepared for the new demand for security and fraud prevention?
Improving regulatory compliance efforts is the No. 1 information security priority for healthcare organizations in the year ahead. That's a key finding of the inaugural Healthcare Information Security Today survey.