Healthcare Information Security

Health IT Security and HIPAA News

Man Convicted of DDoS Attack Against Boston Children’s Hospital

by

Martin Gottesfeld of Somerville, Massachusetts, was convicted by a federal jury of carrying out a DDoS attack against Boston Children’s Hospital and against Wayside Youth and Family Support Network, the Department of...

SamSam Ransomware Attacks Net Creator $6M So Far

by

SamSam ransomware attacks, which have targeted healthcare organizations, has netted its creator $6 million so far, according to a recent report by security firm Sophos. Three-quarters of the victims are based in the United States, and the...

FBI Warns About Attackers Targeting Internet of Things Devices

by

Healthcare organizations are increasingly deploying Internet of Things (IoT) devices to improve employee productivity and patient care. However, those same devices are being targeted by cybercriminals, warned the FBI in an August 2 public...

NIST, NCCoE Publish Guide on Healthcare Mobile Device Security

by

NIST and the National Cybersecurity Center of Excellence (NCCoE) have released a guide on how providers can improve healthcare mobile device security to better protect PHI. The guidance, Securing Electronic Records on Mobile Devices,...

OCR On Pace To Assess Less Money in HIPAA Violation Fines in 2018

by

OCR is on pace to conclude fewer HIPAA settlements and assess less money in HIPAA violation fines this year than in previous years, according to a report from the law firm Gibson Dunn. For the first half of this year, OCR has reported...

19K Orlando Orthopaedic Patients At Risk from Lax Vendor Security

by

Florida-based Orlando Orthopaedic Center reported to OCR on July 20 that 19,101 individuals were affected by lax vendor security, leading to a possible PHI breach. The breach occurred at a transcription service vendor in December,...

Accidents Were Most Frequent Cause of Healthcare Data Breaches

by

In the second quarter of 2018, the most frequent cause of healthcare data breaches was accidental disclosures, according to incidents reported to the Beazley Breach Response Services team.  Accidental disclosures made up 38 percent...

Smart Kids Thermometer Coughs Up Digital Health Data to Hackers

by

Ivy Health Kids Thermometer, a smart and portable arm thermometer for babies and small children that connects over Bluetooth to a mobile device app, failed to protect sensitive digital health data of children from hackers, according...

Phishing Attack Exposes PHI of 1.4M UnityPoint Health Patients

by

Iowa-based UnityPoint Health said July 30 that it notified approximately 1.4 million patients of a recent email phishing attack incident that may have compromised their PHI. Patient information that might have...

HHS Leads Federal Agencies in Email Security Implementation

by

HHS has secured the most domains of any federal agency as part of the DMARC email security protocol implementation mandated by the Department of Homeland Security (DHS), according to a study by email security firm Agari. The Domain-based...

Half of US Adults Are Anxious About Healthcare Data Security

by

Around half of US adults (49%) are extremely or very concerned about their healthcare data security, such as diagnoses, health history, and test results, according to a survey of more than 2,000 US adults by The Harris Poll on behalf of...

HHS Pushes for Changes to HIPAA Privacy Rule, 42 CFR Part 2

by

In the next few months, HHS plans to issue requests for information (RFIs) about changing the HIPAA Privacy Rule and 42 CFR Part 2 to make it easier for doctors, hospitals, and payers to coordinate in delivering value-based care and...

CMS Would Drop Security Risk Analysis from Interoperability Score

by

CMS is proposing that the Protect Patient Health Information objective and its associated measure, security risk analysis, would no longer be scored as a measure but would act as a prerequisite for a participating clinician to earn any...

HHS Fails To Fix Cybersecurity Vulnerabilities, Putting PHI At Risk

by

HHS has failed to remedy cybersecurity vulnerabilities in its systems that could put PHI at risk, warned the GAO in a report released July 25. The GAO cited problems at CMS that threaten to compromise Medicare beneficiary data and the...

HATA Says PMS Vendors Want to Remain HIPAA Business Associates

by

Currently, practice management software (PMS) vendors are considered HIPAA business associates  and therefore subject to the HIPAA Privacy and Security Rules, but not the HIPAA transactions and codes set requirements. The Healthcare...

PHI of 105K People At Risk in Boys Town Healthcare Data Breach

by

Nebraska-based Boys Town National Research Hospital reported to OCR July 20 a healthcare data breach that may have exposed PHI on 105,309 individuals. In a statement, Boys Town said it discovered on May 23 unusual activity relating to an...

Up to $150K for Victims of Flowers’ Healthcare Data Breach

by

More than 1,200 people could receive up to $150,000 in payments following the tentative settlement of a class-action lawsuit against Alabama-based Flowers Hospital for a 2014 healthcare data breach, TV station WTVY reported on July...

CISOs Stockpile Cryptocurrency in Case of Ransomware Attack

by

The threat of a ransomware attack has led nearly three-quarters of CISOs to stockpile cryptocurrency to pay cybercriminals, according to survey of 1,700 IT, security, and business leaders in the United States, the UK, and Germany by...

How Does HIPAA Apply to Wearable Health Technology?

by

The use of wearable health technology is expected to expand substantially within the next few years. Wearable devices offer many health tracking capabilities, including measuring heart rate, number of steps taken per day, and glucose and...

Healthcare Data Security Worries Discourage Virtual Care Use

by

Concerns about healthcare data security and patient privacy are holding physicians back from using virtual care technology, according to a survey of physicians and consumers by Deloitte. One-third of physicians cited data security and...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...