Managing Telehealth, Remote Patient Monitoring Security Concerns
HealthITSecurity As adoption increases, healthcare organizations, vendors, and providers will continually be tasked with managing telehealth and remote patient monitoring (RPM) security concerns. Although these technologies existed before, the pandemic prompted the need for safe and secure telehealth and RPM solutions that could be deployed on a larger scale. But that rapid drive toward telehealth...
More Features
PCI Compliance Versus HIPAA Compliance In Healthcare
The Payment Card Industry Data Security Standard (PCI DSS) and HIPAA both protect data in different domains. Just as HIPAA safeguards protected health information (PHI), PCI standards aim to protect credit card data. Since healthcare...
Adopting Defense In Depth Strategies to Combat Healthcare Cyberattacks
The current cyber threat landscape calls for sophisticated defense in depth strategies that allow organizations to adapt and respond to healthcare cyberattacks and vulnerabilities. The National Institute of Standards and Technology (NIST)...
Pros and Cons of Public, Private, Hybrid, Multi-Cloud Architectures
Whether a healthcare organization chooses to implement a public, private, hybrid, or multi-cloud architecture, the security risks and maintenance costs of each must be considered dutifully. Cloud computing technologies have experienced...
Why Endpoint Security is Critical For Healthcare Cybersecurity
Endpoint security should be a crucial component of every healthcare organization’s cybersecurity program. It only takes one vulnerable endpoint for a threat actor to gain access and orchestrate a healthcare cyberattack—and with...
Security, Privacy Risks of Artificial Intelligence in Healthcare
Artificial intelligence (AI) in healthcare has the potential to revolutionize clinical research and care delivery. AI can be used to sift through massive databases and may have applications in mental healthcare and cancer detection....
Top Healthcare Cybersecurity Challenges, How to Overcome Them
From ransomware to COVID-19 struggles to unauthorized disclosure and constant technological innovation, the healthcare sector must always be considering the unique cybersecurity challenges that come along with the ever-changing healthcare...
Using Software Bill of Materials (SBOMs) For Medical Device Security
A software bill of materials (SBOM) provides a list of all software components in a given device, enabling transparency by allowing device manufacturers, buyers, and operators to identify and mitigate vulnerabilities and manage medical...
How to Implement a Cyber Incident Response Plan for Healthcare
Having a cyber incident response plan in healthcare is required under HIPAA, but that does not mean that every healthcare organization actually has a comprehensive and actionable plan tailored specifically to their organization. When...
Status, Challenges of Information Blocking Rule Compliance
The Office of the National Coordinator for Health Information Technology (ONC) published its Information Blocking Final Rule in May 2020. Part of the 21st Century Cures Act, the rule defines information blocking as any practice that...
3 Keys to Third-Party Risk Management at WellSpan Health
Third-party risk management is a crucial tenet of WellSpan Health’s cybersecurity infrastructure. The South-Central Pennsylvania integrated health system engages with thousands of vendors, 30,000 endpoints, and 26,000 users, a fifth...
3 Barriers to Achieving Medical Device Security
Achieving medical device security requires a healthcare organization to have full visibility into how many devices are on its network, regularly patch and replace out-of-date devices, and stay ahead of the latest technical vulnerabilities...
The Threat of Distributed Denial-Of-Service Attacks in Healthcare
Distributed denial-of-service (DDoS) attacks flood a victim’s network with traffic, rendering network resources unusable. Often, DDoS attacks serve as a distraction while bad actors deploy more sinister malware on their victim’s...
FIN12 Ransomware: Why It’s a Healthcare Threat, How to Prevent an Attack
Unlike other threat actors that shy away from deploying ransomware on critical infrastructure, education, and healthcare, FIN12 ransomware group specializes in targeted attacks on the healthcare sector. Nearly 20 percent of threat...
The Importance of Third-Party Risk Assessments in Healthcare
Healthcare organizations can have the most sophisticated internal security protocols, but failing to assess third-party risk may leave organizations vulnerable to data breaches nonetheless. Threat actors are increasingly using third-party...
Exploring Zero Trust Security in Healthcare, How It Protects Health Data
Under the watchful eye of a zero trust security model, no device or user is automatically trusted before being vetted by strict authentication processes. Zero trust is not a single technology or tactic, but a set of cyber defenses that...
2021’s Top Healthcare Cybersecurity Threats, What’s Coming in 2022
Healthcare cybersecurity threats continue to cast a dark shadow on the already overburdened US healthcare system, especially as the COVID-19 pandemic persists. Feeding on global chaos, threat actors have orchestrated sophisticated...
De-Identification of PHI According to the HIPAA Privacy Rule
De-identification of protected health information (PHI) can help researchers glean valuable insights about population health, aid in healthcare policymaking, and bolster other research ventures. Once PHI is de-identified and can no longer...
Healthcare’s Email Problem: Insider Threats, Data Retention, Phishing
Reports consistently highlight the risk of vulnerability exploits and ransomware to healthcare. But email is often the key access point in these attacks, through phishing and stolen credentials. As insiders remain a leading threat,...
How to Mitigate COVID-19’s Impact on Device Security and Patient Safety
It’s been long established that the healthcare threat landscape, in terms of its prime targeted nature and the vast number of connected supply chain vendors and medical devices, poses an equal amount of risk and network security...
