Amidst the hepatitis C outbreak at Exeter Hospital in New Hampshire, we need to ask: How could this happen? How could a medical technician even be hired after being fired at least twice by other hospitals?
After a breach, some organizations meet the minimum requirements for notification and then hope for the best. The Utah Department of Health is taking a very different approach that's worthy of imitation.
President Obama endorses the Cybersecurity Act of 2012 despite the removal of provisions from an earlier version of the bill that would have given the federal government authority to regulate the mostly privately owned critical national IT infrastructure.
Debate surrounding the Cybersecurity Act has focused on whether the government should regulate privately owned, critical IT systems. But the bill also would make significant changes on how government governs IT security, co-sponsor Sen. Tom Carper says. See how.
"If I came into this job thinking the way I once thought, I'd be worthless," RSA Chief Information Security Officer Eddie Schwartz says. "If your playbook as CISO has not changed in the last seven years ... you're in deep trouble."
Removing provisions from the original bill to grant the federal government authority to impose standards on the mostly privately-owned critical IT infrastructure is a concession to win votes from Republicans, who oppose regulation.
One of the final rules for Stage 2 of the HITECH Act electronic health record incentive program has moved a step closer to publication. The Office of Management and Budget is now reviewing the meaningful use rule.