Healthcare Information Security

Health IT Security and HIPAA News

Cryptocurrency Mining Tops Ransomware Attacks as New Cyberthreat

by

While ransomware attacks continue to preoccupy the minds of healthcare IT security pros, a new threat is emerging—cryptocurrency mining. Not as devastating as ransomware, cryptocurrency mining malware can still degrade system performance...

Natus Plugs 8 Cybersecurity Vulnerabilities in EEG Software

by

Natus Medical has updated its NeuroWorks software to plug eight cybersecurity vulnerabilities that could enable an attacker to get control of the Natus Xltek electroencephalogram (EEG) device and crash it, according to a June 14 ICS-CERT advisory....

OCR Guidance Tackles PHI Research Use Under HIPAA Privacy Rule

by

OCR has issued new guidance on the HIPAA Privacy Rule that explains certain requirements for an authorization to use or disclose PHI for research and clarifies aspects of the individual’s right to revoke an authorization. The guidance implements...

Healthcare Orgs, Device Makers Debate Cybersecurity Vulnerabilities

by

A number of medical organizations have submitted recommendations to the House Energy and Commerce Committee on how to reduce cybersecurity vulnerabilities in aging healthcare IT systems and medical devices under the committee’s Supported...

Clinical Trial Subjects Unworried about Health Data Sharing Risks

by

Fewer than 8 percent of clinical trial participants felt that security and privacy risks of health data sharing outweighed the benefits, according to a study by Stanford researchers recently published in the New England Journal of Medicine. Around...

RISE Ransomware Attack Puts 3,731 Patients at Risk

by

RISE Wisconsin reported June 7 to OCR that it suffered a ransomware attack in which PHI on 3,731 individuals may have been exposed. In a press release, RISE said that patient names, addresses, dates of birth, Social Security numbers, and some...

Healthcare Organizations Relying on Passive Mobile Device Security

by

Half of healthcare organizations rely on passive mobile device security measures such as policy and education, which could leave them vulnerable to attack, according to an annual survey of more than 300 healthcare organizations by healthcare...

Some Healthcare Firms Struggle To Comply with EU Data Privacy Rule

by

Around one-third of healthcare organizations are still “on the journey” to comply with the EU's General Data Protection Regulation (GDPR), even though the GDPR took effect May 25, according to a cross-industry global survey of...

Secure Texting Becoming 1st Choice for Sending Healthcare Data

by

Secure texting is becoming the first choice to send information while keeping sensitive data secured, according to a survey of 770 hospital professionals and 1,279 physician practices by Black Book Market Research. Eight-five percent of hospitals...

HIPAA Security Rule Risk Analysis Remains Source of Confusion

by

Widespread confusion in the healthcare industry continues to persist about OCR risk analysis requirements under the HIPAA Security Rule, according to legal experts David Gacioch and Edward Zacharias of McDermott Will & Emery. Failure to perform...

New York Suspends Nurse for HIPAA Violation Affecting 3K Patients

by

The state of New York has suspended Martha Smith-Lightfoot, a former nurse at the University of Rochester Medical Center (URMC), for a HIPAA violation. Smith-Lightfoot admitted to disclosing PHI when she took a list of more than 3,000 patients...

Organizations Lack Adequate Budget for Medical Device Security

by

Despite recognizing medical device security as a priority, only 37 percent of more than 100 healthcare practitioners had budgets to implement their device security strategy, according to a HIMSS survey. Most respondents (85%) said they used...

Court Dismisses FTC Order on LabMD’s Data Security Lapses

by

In a long anticipated ruling, a federal appeals court has thrown out a Federal Trade Commission (FTC) order directing the now-defunct medical testing firm LabMD to overhaul its data security program. In 2013, the FTC filed a complaint against...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked sufficient...

Dignity Health Data Breach Affects 55.9K Patients

by

On May 31, California-based Dignity Health reported to OCR that a data breach exposed personal information on 55,947 patients. In a Dignity Health statement emailed to HealthITSecurity.com, the healthcare provider explained that an email list...

Meltdown, Spectre Variants Could Endanger Healthcare Data Security

by

New variants of the Meltdown and Spectre security vulnerabilities were recently discovered by researchers, possibly putting healthcare data security at risk. The vulnerabilities affect hundreds of millions of processors used in desktop computers,...

Utilizing Healthcare Data Security, Cloud for a Stronger Environment

by

Data can be a really powerful tool, but it can also introduce some new challenges and definitely some healthcare data security headaches. Let me pause here for a second and put into perspective just how much data we’re creating. A recent...

Washington Bolsters Patient Privacy Rights with New Law

by

A Washington state law (SB 6027) set to take effect June 7 limits the use of medical and mental health records in discrimination lawsuits, strengthening patient privacy rights, the Seattle Times reported.  The state House passed SB 6027...

Taking a Practical Approach to Healthcare Data Security

by

Let’s be honest. If you start to discuss all the various aspects of healthcare data security, it’s easy to get overwhelmed quickly. There are so many parts and pieces when it comes to working with proper healthcare security it’s...

Ransomware Attacks Topped List of Cyber Insurance Claims

by

More than one-quarter of cyber insurance claims received by AIG last year were the result of ransomware attacks, the largest percentage of any cyberattack type, according to the insurance giant’s 2017 cyber insurance claim statistics. AIG...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks