PHI Protection Network (PPN) Forum - the event for best practices to protect sensitive patient info

by Rick Kam

If you are a compliance or privacy officer of a hospital or work in a health care entity that is responsible for managing patient data, you need to attend the PPN Forum.  In just one day, you will learn the current and future threats causing PHI data loss incidents as well as the best practices to effectively remediate breaches and mitigate the risk of harm to affected patients.

Read More »

Fourth Annual Benchmark Study on Patient Privacy and Data Security.

by Larry Ponemon

Today we are releasing our Fourth Annual Benchmark Study on Patient Privacy and Data Security. We hope you will read the report sponsored by ID Experts that reveals some fascinating trends.

Read More »

Latest Ponemon Study Shows “Leaky Bucket” Approach to Managing New Threats

by Rick Kam

It’s been a year since the HIPAA Omnibus Final Rule was issued. Kudos to the healthcare organizations that have made strides toward compliance. But shifting threats and risks, as revealed in the newly released Fourth Annual Benchmark Study on Patient Privacy and Data Security by Ponemon Institute, are forcing organizations to be reactive, not proactive. It’s like a bucket filled with water and holes. The water keeps spurting out. Every time you patch a hole, a new one forms. The whole process of patching old and new holes is overwhelming and never-ending

Read More »

Edith Ramirez, chairwoman of the FTC, speaks on privacy & security considerations with big data

by Doug Pollack

Friday at the IAPP Global Privacy Summit, Edith Ramirez, chairwoman of the FTC, took questions related to privacy and data security with an initial focus on the challenges posed by so-called "big data".  In the session, she noted that the FTC looks at the issues with big data quite broadly. 

Read More »

IAPP Global Privacy Summit: Preparing for a transformational year in privacy.

by Doug Pollack

With the Target breach in the news what seems like daily since December, the concept of data breach, and it's implications, has now burned itself into the psyche of the American public. 2014 marks the beginning of a new era in how organizations "manage" incidents and disclosures of personal, regulated data.  See the innovative ID Experts RADAR software platform at the IAPP Global Summit and make sure your organization has begun to operationalize the assessment and management of data security incidents. 

Read More »

Are Data Breach Calculators Effective?

by Jeremy Henley

There are plenty of data breach calculators out there for anyone to play with to see how bad a breach might be in terms of costs, but are they accurate?  I think the answer is no, for a variety of reasons; so then the question is: what purpose do they serve?  And why are there so many?  Since they do not have the same results, how do we know which ones to trust? 

Read More »

Don’t Be a Data Breach Target

by Rick Kam

Up to 110 million people were affected by last year’s Target breach. But it’s the retailer that will have to pay the price—possibly $3.6 billion in fines for the breach of approximately 40 million credit and debit cards.

Read More »

CISOs know the importance of operationalizing data incident response

by Mahmood Sher-jan

I was invited to speak about data governance in Boston and Washington DC last week along with multiple groups of security and compliance executives.  Coincidentally the Boston session was on January 28th, which is designated as Data Privacy Day  These sessions were part of data governance roundtable discussions organized by the CISO Executive Network. The scope of discussions ranged from organizational culture to data proliferation to emerging technologies addressing data classification, behavioral threat intelligence, and incident response management. 

Read More »

How Data Breaches Really Happen: Reasons 1 – 1,000,000

by Heather Noonan

How Data Breaches Really Happen: Reasons 1 – 1,000,000

Read More »

HIPAA Omnibus Final Rule: One Year After

by Doug Pollack

The healthcare information management and data breach community was put on notice last year from regulators that they would be expecting much great focus on and performance in securing patient health information (HIPAA protected health information, or PHI) and managing the privacy of patient data from healthcare organizations (HIPAA covered entities) and their business and technology partners (HIPAA business associates) going forward. I thought I’d take a look in this post of what 2013 brought us, and what to expect as we plunge forward into 2014.

Read More »
Page 2 of 33 pages   <  1 2 3 4 >  Last »