Access "Perspectives: Lack of enforcement undercuts HIPAA"
This article is part of the December 2006 issue of What's your biggest information security concern?
Without enforcement or financial incentives for compliance, HIPAA is toothless. I recently had an enlightening meeting with some of the physicians at my organization. I originally called the meeting to discuss the upcoming deployment of RFID-based, single sign-on authentication tokens in their department. We were supposed to talk about how this technology was going to make accessing clinical data easier, make our electronic records more secure and provide better HIPAA compliance. It was supposed to be a win-win situation. I was wrong. As I began to explain the benefits of the technology, the head physician cut me off. He bluntly said he didn't believe HIPAA was important and that he would not follow any policies because he didn't believe anyone would indict a physician over a security violation. He said all of the physicians in his area shared their passwords, and sometimes one physician would remain logged in on all of the department's computers so everyone had access to applications. I explained this action was a violation of company policy and that this ... Access >>>
Premium Content for Free.
Finding the best security testing tools for product evaluation
Learn how you can use new information security tools to examine security products and investments, such as IPS, firewall or VPN gateway.
Risk Management: Skybox Security's Skybox View 3.0
Read a security product review of Skybox Security's Skybox View 3.0.
by Steven Weil, Contributor
Third Brigade's Deep Security 4.5
Intrusion Detection: Lancope StealthWatch 5.5
Lancope's Lancope StealthWatch 5.5
Protect What's Precious
We asked and you answered: Insiders, information leaks, compliance and the bottom line are your front-and-center priorities for 2007.
- At Your Service: December 2006 managed services security news
Reconnex's iGuard v5 security tool review
by Tom Bowers, Contributor
Product review of Reconnex iGuard v5, a data protection security tool used for information leaks, compliance, perimeter security, traffic analysis and tracking.
- Finding the best security testing tools for product evaluation
Security Products Latest Version Releases: CipherTrust, Infoblox
Get news on the latest version product releases; get setup, pricing and configuration info from vendors such as CipherTrust, Infoblox and Safend.
Secure Reads: Multimedia Fingerprinting Forensics for Traitor Tracing
Read a quick review of Multimedia Fingerprinting Forensics for Traitor Tracing.
Automated data classification drives security, storage convergence
Data classification products from a variety of startups are leading efforts to increase convergence of security, compliance and storage management.
Antimalware: Prevx's Prevx1
Avoiding Audit Failure: Getting Advice on PCI Compliance Mistakes
Get advice from auditors on how to avoid audit failure and get PCI DSS compliant to prevent a security breach.
- Security 7, 'Best In Show' Shine
- Security Products Latest Version Releases: CipherTrust, Infoblox
Editor's Desk: More threats and more dollars
Holiday Cheer or Fear?
PING: Bernard Donnelly
Read an interview with Bernard Donnelly, vice president of quality assurance for the Philadelphia Stock Exchange.
Perspectives: Lack of enforcement undercuts HIPAA
A lack of HIPAA enforcement makes physicians unwilling to change habits that threaten the security of data.
Layer 8: Security managers come into their own
- Editor's Desk: More threats and more dollars
More Premium Content Accessible For Free
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...