Healthcare Information Security

Health IT Security and HIPAA News

Medical Device Security Should Be Focus for Healthcare Providers

by

While ransomware attacks on hospitals have caught the headlines, medical device security and supply chain risk should be of greater concern to healthcare providers, according to a recent report by Trend Micro and HITRUST entitled Securing Connected...

Healthcare Data Breaches Now Covered by Arizona Law

by

Arizona is now including healthcare data breaches in its data breach notification law. Under legislation introduced in January and signed into law by Arizona Governor Doug Ducey earlier this month, information about an individual's medical...

HIPAA Compliance Gap Between Compliance Officers, Regulators

by

There is a large gap between the priorities of healthcare compliance officers and regulators when it comes to HIPAA compliance, according to a survey of 388 healthcare organizations by SAI Global and Strategic Management Services. Healthcare...

Cybersecurity Vulnerabilities Could Expose PHI in Heart Device

by

Attackers with physical access to the Biosense Webster CARTO 3 version 4 (V4) heart imaging device could exploit cybersecurity vulnerabilities in the operating system to access protected health information (PHI) stored on the device, warned the...

Reducing Cybersecurity Vulnerabilities Part of FDA Action Plan

by

The Food and Drug Administration (FDA) is asking Congress for additional authority and funding to expand its efforts to improve medical device safety, including reducing cybersecurity vulnerabilities in devices, said FDA Commissioner Scott Gottlieb...

Blue Shield of California Reports PHI Data Breach

by

Blue Shield of California admitted to a PHI data breach involving an insurance broker who was not authorized to receive patient information, according to a breach notification submitted to the California Attorney General’s Office. ...

FDA Warns of Cybersecurity Vulnerability in Defibrillators

by

Hackers could exploit a cybersecurity vulnerability in implantable cardiac defibrillators made by Abbott Laboratories (formerly St. Jude Medical) and endanger patient safety, according to a safety communication from the Food and Drug Administration...

Applying Inogen Data Breach Lessons to Healthcare Providers

by

The recent Inogen data breach, in which hackers were able to penetrate an employee’s email account, highlights the need for healthcare organizations to use multifactor authentication (MFA) to control access and to get robust cyber...

NIST Unveils Latest Version of Its Popular Cybersecurity Framework

by

The National Institute of Standards and Technology (NIST) recently released version 1.1 of its popular Cybersecurity Framework, which incorporates feedback received from public comments and workshops during 2016 and 2017. Version 1.1 of...

Health Data Privacy Rears Its Head at Facebook Hearing

by

During Congressional hearings last week, Rep. Marsha Blackburn (R-Tenn.) called on Facebook Chairman and CEO Mark Zuckerberg to support her bill, Balancing the Rights of Web Surfers Equally and Responsibly (BROWSER) Act, which would require companies...

FTC ‘Misconduct’ Charges Loom as Uber Health Service Launches

by

Uber is being hit with additional federal penalties for “misconduct” in not reporting a major 2016 data breach at a time when it is launching its Uber Health service, which the ride-sharing company pledges will be HIPAA compliant....

Patient Privacy Protections Extended to EOB in Massachusetts

by

Patient privacy protections have been extended to cover explanation of benefits (EOB) summaries sent out by health insurers, under a Massachusetts bill signed in to law by Governor Charlie Baker (R) earlier this month. Sensitive health information...

Data Privacy Rights Hinder Effective Treatment, Warns AHA

by

The American Hospital Association (AHA) is pushing for passage of HR 3545, the Overdose Prevention and Patient Safety Act, which would curb data privacy rights under 42 Code of Federal Regulations (CFR) Part 2 that prevent healthcare providers...

Mobile Device Security Worries Plague Healthcare Providers

by

Mobile device security is a top concern of healthcare providers when it comes to their mobile programs, according to a survey of 600 healthcare IT decision makers conducted by Vanson Bourne on behalf of mobile device management (MDM) provider...

SamSam Ransomware Attackers Target Healthcare Providers

by

So far this year, there have been at least eight cyberattacks on healthcare and government organizations employing the SamSam ransomware, the Department of Health and Human Services (HHS) said in a report released March 30. SamSam ransomware...

Integrated Rehab Consultants Admits to 2016 Healthcare Data Breach

by

Chicago-based Integrated Rehab Consultants is just now admitting to a healthcare data breach that it knew about back in 2016.  In December 2016, IRC received a tip from a healthcare researcher about patient data posted on a public repository....

Healthcare Industry Worst in Stopping Insider Data Breaches

by

The healthcare industry is the worst when it comes to stopping insider data breaches, according to Verizon’s 2018 Data Breach Investigations Report (DBIR) released April 10. The report found that the healthcare industry was the only sector...

GAO Raps CMS for Lax Healthcare Data Security in Medicare

by

The Centers for Medicare and Medicaid Services (CMS) is lax in its oversight of healthcare data security when it comes to Medicare beneficiaries, particularly for sharing data with researchers, warned a government watchdog agency. Recent data...

Virtua To Pay NJ $418,000 for HIPAA Violation

by

Virtua Medical Group has agreed to pay a $418,000 fine and to beef up its data security in a settlement with the New Jersey government over allegations that it failed to protect patient data of more than 1,650 individuals, resulting in a HIPAA...

HIPAA Covered Entities Get Pass on OR Data Breach Notification Law

by

HIPAA covered entities in Oregon are exempt from a new requirement that organizations in the state report data breaches within 45 days of discovery. Oregon Governor Kate Brown signed into law at the end of March amendments (Senate Bill 1551)...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks

Continue to site...