An advisory panel wants a multi-factor authentication requirement included in Stage 3 of the HITECH Act electronic health record program. Find out under what circumstances that requirement would apply.
"With a company-issued device, you can issue a policy that says users have no rights of privacy over information on the device," says Javelin's Tom Wills. But with employee-owned devices? A whole new set of issues.
A preliminary draft of new online authentication guidance from the Federal Financial Institutions Examination Council puts greater responsibility on the shoulders of financial institutions to enhance security.