Breaking Down the NIST Cybersecurity Framework, How It Applies to Healthcare
HealthITSecurity If implemented carefully, the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) can help healthcare organizations bolster their cybersecurity programs and further safeguard patient data and critical systems. NIST launched its cybersecurity framework in 2014 following a 2013 executive order on improving critical infrastructure cybersecurity under the...
More Features
Operational Technology (OT) Security Risks, Best Practices in Healthcare
Information technology (IT) and operational technology (OT) security require varying approaches, but both are crucial to maintaining a safe and secure healthcare environment. IT and OT are fundamentally different—while IT security...
Common Types of Social Engineering, Phishing Attacks in Healthcare
Social engineering attacks remain some of the most efficient and effective ways for threat actors to exploit victims and gain network access, and the healthcare sector is no exception. Baiting, tailgating, and pretexting are all popular...
Exploring the Value, Limitations of Medical Device Security Legislation
Recently introduced medical device security legislation such as the Protecting and Transforming Cyber Health Care (PATCH) Act, the Food and Drug Administration's (FDA) medical device security provisions within its user fee...
What is the HIPAA Privacy Rule?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established national standards for the security and privacy of protected health information (PHI). HHS issued the HIPAA Privacy Rule and the HIPAA Security Rule to...
What is the HIPAA Security Rule?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the HHS secretary to develop rules for safeguarding electronic protected health information (ePHI). Out of these requirements, HHS created the HIPAA Privacy...
Responding To a Healthcare Ransomware Attack: A Step-By-Step Guide
Healthcare ransomware attacks can result in data exfiltration, financial and reputational losses, and workflow disruptions. Even the most sophisticated security programs are not immune to ransomware. The Federal Bureau of...
Exploring Challenges, Benefits of Cyber Insurance in Healthcare
As the healthcare sector remains a key target for data breaches, more organizations are turning to cyber insurance to minimize the damaging effects of a breach. Healthcare data breaches impacted more than 40 million individuals in 2021...
Misconceptions About HIPAA, Interoperability, Information Blocking
Since HIPAA was signed into law more than 25 years ago, misconceptions surrounding its purpose, reach, and limitations have persisted. The COVID-19 pandemic exacerbated those misconceptions—multiple public figures cited HIPAA as a...
Is the Proliferation of Cybersecurity Vendors Helping or Hurting Healthcare?
A proliferation of cybersecurity vendors have entered the market in recent years hoping to alleviate security and privacy concerns across the healthcare sector. At the 2nd Annual HealthITSecurity Virtual Summit, Michael Carr, system vice...
What Is Holding Healthcare Back From Digital Transformation?
Cloud adoption, artificial intelligence (AI), and the Internet of Things (IoT) are actively contributing to digital transformation on a global scale. The healthcare sector is no exception, especially when it comes to adopting...
The Quest to Improve Security, Privacy of Third-Party Health Apps
Third-party health applications fall outside HIPAA's purview, positioning them in a regulatory gray area where transparency, security, and privacy obligations are left open to interpretation. Consumers may not realize that the way...
How Jefferson Health is Tackling the Cybersecurity Workforce Shortage
The current healthcare cyber threat landscape demands strict, sophisticated security controls and constant monitoring. But the ongoing cybersecurity workforce shortage has left many organizations scrambling to safeguard data and prevent...
Medical Device Security Requires Standards, Shared Responsibility
Medical device security is arguably one of the biggest security challenges healthcare organizations face today. With thousands of connected devices moving around a hospital at once, organizations have historically struggled to keep a...
Your Responsibilities Under the HIPAA Breach Notification Rule
The HIPAA Breach Notification Rule requires HIPAA-covered entities and business associates to follow specific reporting requirements following the discovery of a protected health information (PHI) breach. If organizations fail to comply...
Driving Digital Transformation in Healthcare With Industry Clouds
Public, private, hybrid, and multi-cloud architectures are gaining traction in healthcare, but industry clouds may be the next big thing in cloud computing. As the name suggests, industry clouds offer sector-specific cloud solutions to...
AI in Healthcare Presents Need for Security, Privacy Standards
Responsible implementation of artificial intelligence (AI) in healthcare requires a focus on security and privacy. AI's capabilities in clinical and research settings are continually expanding, but any new technology brings a host of...
What Is a HIPAA Business Associate Agreement (BAA)?
HIPAA-covered entities are required to enter into business associate agreements (BAAs) with any third party that handles protected health information (PHI). As the cyber threat landscape evolves and data privacy and security concerns...
How to Effectively Communicate Healthcare Cyber Risks to C-Suite Execs
Effectively communicating healthcare cyber risks to C-suite executives is crucial to securing the vital cybersecurity resources needed to combat the multitude of data breaches and cyberattacks that torment the healthcare sector daily. But...
Navigating The Highly Saturated Healthcare Cybersecurity Market
As cyberattacks increase, the healthcare cybersecurity market is being inundated with new vendors and solutions. Navigating the highly saturated healthcare cybersecurity market can be difficult, especially with a limited budget and a vast...
