Healthcare Information Security Podcast

HIPAA compliance audits will resume within about a year once results of a recently completed pilot program are reviewed, says Leon Rodriguez, director of the Department of Health and Human Services' Office for Civil Rights.

Healthcare organizations need to more closely monitor how their business associates protect the security of patient information and step up risk assessments as they prepare to comply with looming HIPAA modifications, says attorney Lisa Sotto.

It's as much about people as it is technology for organizations to successfully implement a continuous monitoring program, says George Schu, senior vice president at Booz Allen Hamilton.

From point-of-sale hacks to malware and DDoS attacks, the top cyberthreats of 2012 have been aggressive and strong. Is it time for organizations to adopt a "hack back" strategy against perceived attackers?

Former FBI cyber unit chief Tim Ryan sees mounting dangers from the insider, acknowledging undiscerning employees who don't follow proper processes can cause devastation. But he says the actions of those with malicious intent can be more catastrophic.

McAfee CPO Michelle Dennedy and Intel CISO Malcolm Harkins work for the same company, but in some ways they are worlds apart. How must privacy and security leaders bridge gaps to face challenges ahead?

Developing a bring-your-own-device policy that's well-integrated with an organization's overall information security strategy requires a multi-disciplinary, collaborative approach, says attorney Stephen Wu.

What are the key skills and tools forensics pros use in probing a data breach? What can we learn from recent breaches? Rob Lee of SANS Institute walks us through a typical forensics investigation.

An executive at a bank in New Jersey that was battered by Hurricane Sandy offers lessons learned, including the importance of having a well-tested, detailed business continuity plan.

Cloud-based botnets and mobile malware are two of 2013's top cyberthreats. What other threats make the list? Georgia Tech's Paul Royal tells how security pros and organizations can prepare.

An important lesson in the aftermath of Superstorm Sandy is the need to beef up contingency plans, including making sure staff members are cross-trained, says Deborah Kobza, CEO of the National Health Information Sharing and Analysis Center.

The kind of detailed data analysis that helped statistician Nate Silver predict accurately the outcome of the U.S. presidential election could help enterprises using cloud-based SIEM to identify vulnerabilities, says Cloud Security Alliance's Jens Laundrup.

To know how best to respond to IT and communications failures, incident response pros first must collect information on such incidents, says Marnix Dekker, who co-authored a new report for ENISA.

Social media platforms are ever-evolving. But organizations' and individuals' use of social media has not evolved and may create new risks, says educator Sherrie Madia. How should we manage these risks?

The FDA's proposed Unique Device Identification System could help the agency and healthcare providers more easily identify medical device safety issues, including malware threats, says agency official Jay Crowley.

To know how best to respond to IT and communications failures, organizations first must collect information on such incidents, says Marnix Dekker, who co-authored a just-issued report on incidents for ENISA.

One of the biggest IT security challenges enterprises will face in the coming years will be assuring the integrity of the computer products they purchase, says Gartner Fellow Neil MacDonald.

How big of a role did health information exchanges play in providing access to records during Superstorm Sandy, and what lessons can be learned? Federal officials will address these questions, says HIE expert Lee Stevens.

It's been compared to the 'perfect storm,' but Hurricane Sandy is unlike any storm we've seen, says Alan Berman of DRI. He believes organizations have planned well for recovery.

Hurricane Sandy threatens buildings, staff and data alike, posing a daunting challenge to business continuity pros. Disaster recovery expert Regina Phelps offers tips for weathering the storm.