Healthcare Information Security Podcast

IT security and privacy lawyer David Navetta says revelations that mobile devices such as the iPhone, iPad and Android maintain hidden files tracking users locations could pose a threat to organizations, regardless of whether the devices are owned by individual employees, the company or government agency for which they work.

This week's top news and views: Maine Bill Would Require HIE Opt-in; What's Next for the Tiger Team?; Digital IDs Ease Clinical Trial.

From mobile devices to social media and cloud computing, IT governance is all about risk management. "You can't de-risk everything, but you can de-risk the majority of circumstances you will see in normal operations," says governance expert Robert Stroud.

Deven McGraw, co-chair of the Privacy and Security Tiger Team, discusses its most recent recommendations and her views on encryption and asks for suggestions on additional topics to address.

The latest Verizon Data Breach Investigations Report is out, and the good news is: The number of compromised records is down. The troubling news is: The number of breaches is up. Bryan Sartin, one of the report authors, explains why.

This week's top news and views: Privacy, Security Proposals Advance; Mostashari: Leading the Way at ONC; HIE Pioneers to Securely Share Data.

As Congress and the White House look for ways to cut the federal budget, one area that could prove dicey is IT security, contends Department of Homeland Security's Philip Reitinger.

A consortium of five leading healthcare organizations hopes to demonstrate the secure national exchange of health information, says James Walker, M.D. of Geisinger Health System.

ID security expert Tim Rohrbaugh on phishing trends in light of Epsilon breach.

This week's top news and views: Health Net Breach Tops Federal List; Beefing Up Health IT Strategic Plan; Open Source HIE Initiative Described.

Philip Reitinger, the top cybersecurity official in the Department of Homeland Security, is on a mission to help create a new, secure computing ecosystem on the Internet.

David Riley, president of the new Alembic Foundation, explains how the organization is promoting the use of open source software based on the Nationwide Health Information Network standards.

When it comes to e-marketing and the reliance on third parties such as Epsilon, Nicolas Christin of Carnegie Mellon University says banks and merchants should "come clean" about the information they share with outside entities.

Privacy Attorney Lisa Sotto says the Epsilon e-mail breach is a warning about the state of data security employed by some third-party service providers. Strong contracts related to security practices must be the norm, not the exception.

An audio review of some of the most compelling content posted on HealthcareInfoSecurity.com in March, including the Health Net breach investigations.

A comprehensive bill to dramatically change the way the federal government addresses cybersecurity could pass the Senate as early as this summer, Sen. Thomas Carper, who chairs a Senate panel with IT security oversight, says in an interview with GovInfoSecurity.com.

Too many healthcare organizations have overlooked their obligation to comply with the Payment Card Industry Data Security Standard, says security expert Tom Walsh.

This week's top news and views: RSA Clients Manage Risks; Health Breach Tally Hits 8.3 Million Affected; Identity Theft Prevention Strategies.

Terrell Herzig, CISO at UAB Medicine, speaks out on steps steps he's taking in the wake of the RSA SecurID attack.

Chief information security officers must gain buy-in from every business unit for a risk management framework, says Jim Murphy of Caritas Christi Health Care System.