Healthcare Information Security Podcast

A risk analysis should not be an annual event, but rather an ongoing process that's revisited whenever a healthcare organization adds or changes any application. That's the advice of Kenneth Bradberry, vice president and chief technology officer at ACS, a consulting firm recently acquired by Xerox. In an interview during the HIMSS Conference in Atlanta, Bradberry said: Compliance with the HITECH Act should begin with "good security practices at every layer," including infrastructure and application delivery; Encryption is paramount, especially as clinicians gain access to electronic health records via mobile devices; and Larger organizations need a full-time chief information security officer.