Access your Pro+ Content below.
Is HITECH Act a game changer?
This article is part of the March 2010 issue of Information Security magazine
Health care organizations have had to comply with HIPAA's security and privacy requirements for several years now, but compliance depended on who you talked to. Some companies took the regulation very seriously and worked hard to secure protected health information (PHI). For others, security was far down on the list of priorities, if on the list at all. But how could you blame them? The requirements aren't specific and there was little enforcement to speak of. The HITECH Act aims to change that that with its increased penalties for HIPAA non-compliance and broader enforcement. But will it really be a game changer and increase information security in the health care industry? It's critical that more health care organizations make an effort to protect sensitive health information. A breach that exposes a patient's confidential data could have serious and lasting consequences. As Khalid Kark, vice president and principal analyst at Forrester Research points out, health care records aren't like credit cards, which can be cancelled ...
Features in this issue
HIPAA security compliance has been a mixed bag but HITECH ups the ante
Integrating security information management systems with identity management systems ties policy violations and vulnerabilities to user activity
Learn how to develop an effective information security metrics program and pitfalls to avoid.
Knowledge-based authentication helps catch fraud, but the authentication technology poses customer privacy issues.
Columns in this issue
The HITECH Act increases penalties for a lack of HIPAA security compliance but will it really improve health care security?
A successful career in information security requires an effective information security career plan
Organizations must enhance network intrusion detection systems with supporting processes to uncover genuine threats