Healthcare Information Security

Health IT Security and HIPAA News

Homeland Security Gains Cybersecurity Agency with New Legislation

by

The House of Representatives unanimously passed legislation on Monday, establishing the Cybersecurity and Infrastructure Security Agency with the Department of Homeland Security. The Senate passed the bill in October, and it now heads to...

Ransomware Attack on May Eye Care Breaches 30K Patient Records

by

Pennsylvania-based May Eye Care Center and Associates reported a breach of 30,000 patient records after falling victim to a ransomware attack on July 29. The ransomware infected May Eye Care’s server, compromising its electronic...

Healthcare’s Dependence on Fax Machines Poses Risk to Health Data

by

While the healthcare sector has some of the most advanced technology available, it’s oft perplexing to discover that about 75 percent of all healthcare communications are still processed by the antiquated fax machine. Security...

UK NHS Releases Guidance on Instant Messaging Apps in Healthcare

by

The United Kingdom National Health Service released new instant messaging guidelines for clinicians in the acute care setting, including privacy policies for sharing patient data. The guidance follows a damning CommonTime report that...

VUMC Fights Healthcare Phishing with Multi-Factor Authentication

by

The healthcare sector has remained a primary target for phishing attacks in recent years, with highly targeted viruses like SamSam and Ryuk wreaking havoc on the industry. In fact, one in every hundred emails sent globally has malicious...

Phishing Attacks Breach Data of 42K Florida Patients for 3 Months

by

Florida-based Health First notified 42,000 patients that their personal data may have been exposed for three months after several employees fell victim to phishing attacks. The breach was reported to the Department of Health and Human...

SSNs, Tax Data Exposed in Healthcare.gov Health Data Breach

by

Partial Social Security numbers (SSNs), immigration status, and tax information might have been stolen as a result of the health data breach on the Healthcare.gov portal last month. In October, CMS admitted to a breach of...

NIH Reboots Genomic Data Access After Patient Privacy Fears Eased

by

The National Institutes of Health (NIH) has resumed public access to its genomic summary results after restricting access for ten years over patient privacy concerns. Genomic summary results “convey information relevant to...

HITRUST’s New Threat Catalogue Key Component of Risk Analysis

by

The Health Information Trust Alliance (HITRUST) has released its threat catalogue that provides healthcare organizations and other firms with visibility into cyber risks to their information, assets, and operations. The HITRUST threat...

Health Data Breach Compromised PHI on 566K CNO Customers

by

CNO Financial Group reported to OCR on Oct. 25 that a breach compromised PHI on 566,217 individuals. CNO Financial Group’s largest unit, Bankers’ Life, issued a statement describing the breach. The group discovered...

Cybersecurity Vulnerabilities Flagged in Roche Handheld Devices

by

ICS-CERT is warning about cybersecurity vulnerabilities in Roche point-of-care handheld medical devices. The devices, which go by the names Accu-Chek and CoaguChek, suffer from improper authentication, OS command injection, unrestricted...

NJ Fines Vendor Behind Virtua Healthcare Data Breach $200K

by

New Jersey is slapping a $200,000 fine on a defunct Georgia-based medical transcription company that caused the Virtua Medical Group breach impacting more than 1,650 individuals in 2016. The $200,000 fine includes $191,492.00 in civil...

4.4M Records Exposed in 117 Health Data Breaches in Q3 2018

by

A total of 4.4 million patient records were compromised in 117 health data breaches in the third quarter of 2018, according to the latest Protenus Breach Barometer. These figures compare with 3.15 million records compromised in 142 health...

Many IT Pros Lack Budget for Connected Medical Device Security

by

A disturbing 41 percent of healthcare IT professionals do not have a separate or sufficient budget for connected medical device security, according to a recent survey by Propeller Insights on behalf of Zingbox. Despite this lack of...

Healthcare Makes Up One-Quarter of SamSam Ransomware Attacks

by

Healthcare organizations have accounted for one-quarter of SamSam ransomware attack victims so far this year, said security firm Symantec in a recent blog post.  In total, 67 different organizations across sectors have been...

FDA Needs Procedures for Recalls of Vulnerable Medical Devices

by

HHS OIG is recommending that the FDA establish and maintain procedures for handling recalls of vulnerable medical devices that can be exploited by attackers or other unauthorized users. In addition, OIG advises the FDA to establish...

OCR Recommends Healthcare Cybersecurity Best Practices

by

As National Cybersecurity Awareness Month draws to a close, OCR is recommending healthcare cybersecurity best practices to prevent cyberattacks from succeeding and lessening their impact if they do succeed. “Because ePHI...

Only 29% of Healthcare Entities Have Full Cybersecurity Program

by

Only 29 percent of healthcare organizations report having a comprehensive cybersecurity program in place, according to the 2018 CHIME HealthCare’s Most Wired survey released this week. Among those organizations that don’t have...

Cybersecurity Vulnerabilities Lurk in Brain Stimulation Devices

by

Neurostimulators have cybersecurity vulnerabilities that could be exploited by hackers to get access to the devices, manipulate them, and steal data transmitted by them. This was the conclusion of a report prepared by security firm...

Ransomware Attack at Iowa Eye Clinic Puts PHI of 40K at Risk

by

Iowa-based Jones Eye Clinic suffered a ransomware attack that may have compromised personal data on 40,000 patients, the Sioux City Journal reported Oct. 24. Information that might have been exposed included patient full name, address,...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...