3 Trends From the HIMSS Healthcare Cybersecurity Forum
HealthITSecurity Experts gathered in Boston on December 5 and 6 for the HIMSS Healthcare Cybersecurity Forum to explore topics such as risk quantification, clinical perspectives on cybersecurity, and medical device security. Speakers included leaders from the Health Sector Coordination Council (HSCC), Northwell Health, Forrester, the Federal Bureau of Investigation, the National Institute for Standards...
More Features
3 Strategies for Healthcare Merger, Acquisition Cybersecurity Due Diligence
Healthcare merger and acquisition (M&A) revenue reached a record high in the second quarter of 2022, as more healthcare organizations sought to join forces, improve quality of care, and lower healthcare costs. Conducting due diligence...
How HITECH Recognized Security Practices Boost Healthcare Cybersecurity
A 2021 amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act required the HHS Secretary to consider certain recognized security practices (RSPs) of covered entities and business associates when...
Top 3 HIPAA Compliance Challenges of This Year
In the years since HIPAA was first enacted in 1996, technological and societal developments have left covered entities with no shortage of compliance challenges. This year was no exception. “This has been quite the year for those who...
3 Ways to Avoid Repeat Healthcare Ransomware Attacks
Healthcare ransomware attacks can result in EHR downtime, data encryption, ambulance diversions, and other disruptions. With patient safety on the line, it is imperative that healthcare organizations work quickly to get systems up and...
Exploring Security, Privacy Team Roles in Healthcare Cyber Incident Response
Effective healthcare cyber incident response and preparedness require strong collaboration between security and privacy teams. Privacy and security experts can leverage one another’s expertise to effectively reduce risk and champion...
Key Ways to Manage the Legal Risks of a Healthcare Data Breach
Healthcare data breaches can result in data theft, reputational and financial losses, and most importantly, patient safety risks. But breaches also come with significant legal implications. Data shows that impacted patients’ lawyers...
Experts Weigh in on Medical Device Security Exit from FDA User Fee Bill
An appropriations bill that will reauthorize US Food and Drug Administration (FDA) user fees is advancing without key medical device security provisions included in the House bill, which passed with overwhelming support in June. The...
What the American Data Privacy and Protection Act Could Mean For Health Data Privacy
After years of fruitless attempts to enact nationwide data privacy legislation, the American Data Privacy and Protection Act (ADPPA) has instilled a new sense of optimism into many privacy professionals who have been championing this type...
How Rural Hospitals Can Tackle Healthcare Cybersecurity Risks
Ransomware, phishing, and breaches are all top-of-mind concerns for healthcare cybersecurity leaders, regardless of organization size or location. But for small, rural hospitals, managing cyber risk can be an even more intimidating task....
6 Healthcare Cybersecurity, Operational Strategies For Successful CISOs
Data breaches and cyberattacks are overwhelming healthcare. Ransomware and phishing attacks are still hurting the sector, even as healthcare organizations work tirelessly to prioritize cybersecurity. Organizations are investing in...
Exploring the HIPAA Privacy Rule’s Right of Access Provisions
The HIPAA Privacy Rule’s right of access provisions ensure that patients can obtain access to their protected health information (PHI). Failure to do so may result in hefty monetary penalties and mandated corrective action plans. The...
How Cybersecurity Vulnerability Disclosures Help the Healthcare Community
As the healthcare community continues to grapple with cybersecurity challenges, more device manufacturers, independent researchers, and software companies have been prioritizing cybersecurity vulnerability disclosures as a way to mitigate...
How BCBS MA Combats DME, Telemedicine Fraud Schemes
Equipped with fragments of personal information available on the internet or the dark web, scammers are increasingly targeting seniors in elaborate telemedicine fraud and durable medical equipment (DME) schemes, Blue Cross Blue Shield of...
How Healthcare is Tackling Patient Privacy in a Post-Roe World
The Supreme Court’s recent decision on Dobbs v. Jackson Women’s Health Organization, which struck down both Roe v. Wade and Planned Parenthood v. Casey, put a person’s right to abortion under the jurisdiction of individual...
Top Mid-Year Healthcare Cybersecurity Trends
A constant stream of ransomware attacks, increasing technological complexity, and escalating medical device security concerns across the sector have put pressure on healthcare cybersecurity efforts so far in 2022. In conversation with...
How to Identify, Address Insider Threats in Healthcare
Malicious hackers ascending from the depths of the dark web, state-sponsored ransomware groups, and targeted phishing scams may come to mind when thinking of potential healthcare cybersecurity threats. But insider threats, whether borne...
Increasing API Adoption While Addressing Healthcare Cybersecurity Concerns
Application programming interface (API) adoption is growing rapidly, but healthcare cybersecurity concerns are not far behind. For healthcare, a breadth of evidence suggests that API adoption could revolutionize interoperability...
How New Federal, State Laws Impact Healthcare Data Privacy
Along with HIPAA’s requirements for safeguarding protected health information (PHI), HIPAA-covered entities also must pay close attention to the patchwork of federal and state data privacy laws that dictate how different types of...
Breaking Down the NIST Cybersecurity Framework, How It Applies to Healthcare
If implemented carefully, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) can help healthcare organizations bolster their cybersecurity programs and further safeguard patient data and critical...