Healthcare Information Security Podcast

Google's $22.5 million settlement with the Federal Trade Commission is the largest fine ever imposed by the FTC. But the case sends a bigger message about privacy, says attorney Francoise Gilbert.

CSC's Sam Visner sees organizations, in growing numbers, thinking more intelligently about cloud computing, its security and architecture. Yet, he says, they're being very deliberate in their approach in adopting cloud computing.

How will a coalition of 21 private insurers, government agencies and others work together to thwart healthcare insurance fraud? Lee Arian of WellPoint provides some insights.

The benefits from employing social media as a way to connect with stakeholders outweigh the risks, says David Bradford, the editor of a new survey of risk managers. Still, he says, the risks must be adequately addressed.

The United States - and other advanced societies - shouldn't let the reliability of their electric grids lull them into being unprepared for possible massive power outages caused by cyberattacks, cybersecurity expert Harry Raduege says.

There have never been so many job opportunities for privacy professionals. Nor have there ever been so many challenges. Trevor Hughes of the IAPP discusses what it takes to grow a privacy career.

Her first nine months on the job included a data breach and a CEO shakeup. Hear how Symantec CISO Patricia Titus has adapted to business change and re-focused the company's security team.

Now that Congress has failed to enact significant cybersecurity legislation, President Obama needs to find new ways to secure key government and business IT systems, says Melissa Hathaway, a former top White House cybersecurity adviser.

Maine's health information exchange uses a centralized data architecture that offers security advantages over other models, contends Devore Culver, CEO.

Microsoft says its next version of the Internet Explorer web browser will feature "do not track" as a default user setting. What are the online privacy implications? Trevor Hughes of the IAPP weighs in.

As more consumers take advantage of mobile devices for telemedicine, they need to be educated on steps to take to help ensure that their medical information remains secure, says telehealth expert Chuck Parker.

The truth about preventing a breach, like the advanced-persistent-threat attack RSA experienced in 2011, is that an organization can't defend critical systems alone, says RSA CISO Eddie Schwartz.

The New England Healthcare Exchange Network, one of the nation's oldest health information exchanges, is continuing to use a federated data architecture model to help protect patient data as it broadens the transactions it accommodates, says Sira Cormier, program director.

The number of phishing sites is at an all-time high. And so are the targeted brands. The message, says Peter Cassidy of the Anti-Phishing Working Group: "No brand is safe."

ISACA just issued COBIT 5 for Information Security, a business-centric approach to governance and IT management. ISACA's Robert Stroud explains what COBIT 5 means to your organization.

When it comes to breach planning and response, well-intentioned organizations often go wrong. Experian Data Breach Resolution VP Michael Bruemmer tells where they fail and offers advice on how to do these important jobs right.

RSA CISO Eddie Schwartz says he spends more time talking to other chief information security officers and IT security practitioners today than he did a decade ago, when he held the same job at Nationwide Insurance Co.

Too many organizations that experience a data breach fail to reveal information on the cause of the incident so that consumers can take appropriate action, one consumer advocacy group contends.

Acquiring information security wares gets more complicated every day - some 1,000 vendors offer 150 categories of products - so it's unreasonable to expect even the most informed chief information security officers to know everything about them.

John Halamka, M.D., one of the nation's leading healthcare CIOs, says a top compliance project for this summer is improving mobile device security at Beth Israel Deaconess Medical Center in Boston.