Healthcare Information Security

Health IT Security and HIPAA News

Cybercriminals Using Innovative GrandCrab for Ransomware Attacks

by

Over the last few months, cybercriminals have begun using the innovative GrandCrab ransomware for their ransomware attacks, according to Fortinet’s Threat Landscape Report Q2 2018. GrandCrab is the first ransomware to accept Dash...

Americans Fret About Loss of Control Over Personal Information

by

Americans are concerned about loss of control over their personal information, according to a survey conducted by the US Census Bureau. Virtually the same number of households identified loss of control over personal data as a major...

Philips Delays Fix for Cardiograph Cybersecurity Vulnerabilities

by

Philips does not intended to fix cybersecurity vulnerabilities in its PageWriter Cardiograph devices, which could allow attackers to modify settings on the devices, until mid-year 2019, according to an August 16 advisory from...

Judge Gives Final OK to $115M Anthem Data Breach Settlement

by

US District Judge Lucy Koh has given final approval to a $115 million settlement that ends further claims against Anthem over its 2015 data breach that exposed personal information on 79 million people. Potentially exposed data included...

417K Patients Exposed In Latest Phishing Attack at AU Health

by

Close to half a million people may have had their PHI and other personal information exposed in a September 2017 phishing attack that impacted the Augusta University (AU) Health system. Another phishing attack on July 11, 2018, may have...

OIG Faults Maryland for Inadequate Medicaid Data Security

by

The HHS Office of Inspector General (OIG) has found that Maryland’s Medicaid data security program has failed to secure sensitive data and information systems. An OIG audit released August 14 concluded that numerous, significant...

258K People At Risk in Adams County of Wisconsin Data Breach

by

Personal information, including PHI, on 258,120 people was exposed in a data breach of the Adams County, Wisconsin, computer system. The Adams County government said in an August 10 release that the breach involved PII, PHI, and tax...

InterAct of Michigan Phishing Attack Exposes PHI on 1,290 People

by

InterAct of Michigan reported to OCR on August 7 that an email hacking incident may have exposed PHI on 1,290 individuals. In a statement on its website, InterAct explained that it became aware on June 8 that an unauthorized third party...

Healthcare Data Security Angst Drives Biometrics Market Growth

by

Concerns about healthcare data security and privacy are fueling rapid growth in the healthcare biometrics market, which is forecast by Verified Market Intelligence to grow at a 19.1 percent CAGR through 2025. The market is expected...

Cybersecurity Vulnerabilities Lurk in Philips IntelliSpace System

by

ICS-CERT is warning about cybersecurity vulnerabilities in Philips’ IntelliSpace Cardiovascular (ISCV) cardiac image and information management systems that could enable an attacker to escalate privileges on the ISCV server and...

OCR Levies Close to $80M in HIPAA Privacy Rule Fines

by

OCR has assessed close to $80 million in fines in 55 cases of HIPAA Privacy Rule violations since the rule took effect in April 2003, according to data on the HHS website. OCR has received 184,614 HIPAA complaints and has initiated 902...

McAfee Uncovers Cybersecurity Vulnerabilities in Patient Monitors

by

McAfee Labs has discovered cybersecurity vulnerabilities in a protocol used by patient monitors to communicate with central monitoring stations. If hackers could exploit the weakness in the RWHAT protocol used by connected medical devices...

Medtronic Criticized for Lax Medical Device Security Response

by

Researchers Billy Rios and Jonathan Butts criticized Medtronic’s response to medical device security issues in its products during a presentation at the BlackHat security conference held last week in Las Vegas. The researchers said...

Oklahoma Government in Row Over Alleged HIPAA Violation

by

Two branches of Oklahoma’s government are embroiled in a controversy over whether the Oklahoma Department of Veterans Affairs committed a HIPAA violation when it allowed VA medical aides to access patient medical records using their...

3.15M Records Exposed by 142 Healthcare Data Breaches in Q2 2018

by

In the second quarter of 2018, 3.15 million patient records were compromised in 142 healthcare data breaches, according to the Protenus Breach Barometer. A discouraging 30 percent of privacy violations involved repeat offenders,...

301K Patients Involved in St. Mary’s Paper Records Data Breach

by

SSM Health St. Mary’s Hospital in Jefferson City, Missouri, reported to OCR on July 30 that an improper disposal of paper medical records may have resulted in a data breach affecting 301,000 individuals. In a public notice, St....

ICS-CERT Flags Medtronic Devices for Cybersecurity Vulnerabilities

by

A Medtronic patient monitor and an insulin pump were flagged this week by ICS-CERT for cybersecurity vulnerabilities that could expose sensitive data to attackers. The Medtronic MyCareLink patient monitor suffers from insufficient...

HIPAA Security Rule Requires Secure Disposal of ePHI-Laden Devices

by

The HIPAA Security Rule requires HIPAA covered entities and business associates to implement policies and procedures regarding the secure disposal and re-use of electronic devices and media containing ePHI so that ePHI cannot be retrieved,...

Court Rejects Review of FTC Actions in LabMD Data Security Case

by

A federal appeals court rejected a request by LabMD founder Michael Daugherty for a review of a previous decision that shielded FTC lawyers from allegations that they engaged in unfair enforcement action regarding the now-defunct medical...

Healthcare IT Security Worst of Any Sector With External Threats

by

Healthcare IT security is the worst of any sector when it comes to external security posture, according to a recent report by security advisory firm Coalfire. The Coalfire Penetration Risk Report used customer penetration test data...

Most Read Stories

Upcoming Webcasts

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...