2011 has offered quite a number of tough lessons for security professionals. Here at (ISC)2, where security education is our focus, the close of another year raises the old teacher's question: "What have we learned, class?"
A new, free HIPAA Security Rule Toolkit is designed to help healthcare organizations conduct a thorough risk assessment, says Kevin Stine, who helped guide the project for the National Institute of Standards and Technology.
The National Institute of Standards and Technology is offering a free online HIPAA Security Rule Toolkit, a self-assessment tool that's designed to help healthcare organizations and their business associates comply with the rule.
In addition to the negative publicity associated with being included on the federal tally of major health information breaches, some organizations are experiencing yet another impact of breaches: class action lawsuits.
Just four months after agreeing to pay an $865,000 penalty for a series of HIPAA violations, UCLA Health System has revealed a breach incident involving the theft of an external hard drive from a former employee's home.
TRICARE, the military health program, has directed its business associate, Science Applications International Corp., to offer one year's worth of free credit monitoring and restoration services to the 4.9 million affected by a recent breach.
IT security practitioners should understand why the bits, bytes and network connections - the technologies - are important to their organization's goals. Ignorance of the mission, for IT security folks, isn't bliss.
Heavily regulated industries like banking and healthcare have been reluctant to make the virtualized leap to the cloud, fearing a loss of control could open them to unforeseen risk. Are their concerns unfounded?