Healthcare Information Security Podcast

Organizations mulling the purchase of cyber insurance should vet their brokers to see if they truly understand policies that provide breach protection, cyber liability lawyer Richard Bortnick says.

The iPhone 5 is coming, and so are a slew of new or upgraded smart phones and tablets. How should security leaders prepare for this new wave of mobility? Malcolm Harkins, CISO of Intel, offers advice.

Thor Ryan, chief security officer at the Alaska Department of Health and Social Services, offers lessons learned as a result of his organization's $1.7 million settlement following a HIPAA compliance investigation triggered by a small breach incident.

Visa's new end-to-end encryption service aims to eliminate payment card data at the merchant level. Eduardo Perez of Visa's Risk Group discusses the security value of this emerging solution.

The information security threat landscape has evolved considerably over the past six years, and it's time that organizations' defenses evolve to match them, says Tom Kellermann of Trend Micro.

To address the security and privacy challenges magnified by the velocity, volume and variety of big data, the Cloud Security Alliance has formed a big data working group. What are the group's objectives?

What's the best way to prepare to comply with HITECH Stage 2 privacy and security requirements? Federal privacy officer Joy Pritts advises healthcare organizations to start by conducting a thorough risk assessment.

Which employees are most apt to commit cyberfraud, and how can organizations detect and prevent their crimes? Researcher Randy Trzeciak shares insights and tips from a new insider threat study.

Nine organizations in western Pennsylvania are taking a customized approach to health information exchange that leverages the security technologies they already have in place, says Chris Carmody, who heads the effort.

As Tropical Storm Isaac strikes, many organizations still sting from the impact of Hurricane Irene and 2011's other natural disasters. What lessons were learned, and how can they be applied now?

Healthcare organizations need to rethink security best practices and tap new technologies as a result of the growth in health information exchange and the use of mobile devices, says researcher Carl Gunter.

One takeaway from the $1-billion-plus verdict against Android-maker Samsung for infringing Apple patents is that the users of infringed technology also could be held legally liable, patent attorney Jim Denaro says.

E-mail, IM, text messaging - we all increasingly depend on messaging technologies. And so do the fraudsters. Craig Spiezle of the Online Trust Alliance discusses how to mitigate our vulnerabilities.

Ron Ross, the NIST IT security and risk guru, sees cloud computing as a vehicle to help organizations implement an information risk management framework.

By combining responsible management, risk management and compliance functions and internal audits, organizations will go far in securing their data and systems, says PricewaterhouseCoopers Partner Carolyn Holcomb.

Accountable Care Organization participants that are sharing information while collaborating on patient care must keep privacy and security top-of-mind, says Bill Spooner, CIO at Sharp HealthCare, an ACO participant.

The Wisconsin Health Information Exchange uses a hybrid data model approach that lets members retain control over information, but makes security less complicated, says CEO Kim Pemble.

The Office of the National Coordinator for Health IT is studying use of mobile devices in small healthcare environments. The goal: new mobile security guidance that will be released in 2013.

When two organizations merge, their top security/privacy challenge doesn't necessarily involve technology. Sometimes it's culture, says Christopher Paidhrin of PeaceHealth Southwest Medical Center.

People with good analytical backgrounds that understand regulatory compliance are in demand. Their counterparts - defenders of IT systems - will always be in demand. "We need the tens of thousands that can manage those defenders and then we need 100,000 that are out there learning the trade, that are passionate about what they do and that are willing to put in the extra hours to keep the citizens of the nation and the state secure," Dan Likarish, assistant professor and program chair of the IT department at CO-based Regis, says. In an exclusive interview about information assurance and why the job market for information assurance professionals has seen astounding growth, Likarish discusses: Opportunities for information assurance professionals; Trends impacting information assurance education; Best options for someone to get into the information assurance profession.