Healthcare Information Security

Health IT Security and HIPAA News

Implementing Executive Level Healthcare Cybersecurity Training

by

Employees at all levels should have a thorough healthcare cybersecurity training experience, especially as the potential threat factors continue to evolve. It takes just one inadvertent click from a malicious email for a health system to be compromised...

Prioritizing Healthcare Cloud Security in App Transitions

by

In working with a vast variety of different types of healthcare organizations, I’m certainly seeing a trend continue to grow. Healthcare is moving to cloud. This means growing from $3.73 billion in 2015 to nearly $9.5 billion by 2020, according...

49% of Orgs Report File Sharing Data Breach in Past 2 Years

by

With more healthcare organizations looking to cloud computing and file sharing options, PHI privacy and security cannot be overlooked. Failing to account for how these tools interact with sensitive data or work to keep that data secure could...

OIG Notes Va. Medicaid Information Security Vulnerabilities

by

An Office of Inspector General (OIG) audit found the Virginia Medicaid Management Information System (MMIS) to have information security vulnerabilities. “Virginia did not adequately secure its Medicaid data and information systems, which...

Virginia Mason Patient Data Privacy Breach Leads to Lawsuit

by

After receiving $8.5 million in a medical negligence lawsuit, a Washington couple is filing another lawsuit against Virginia Mason Medical Center for its alleged actions following a patient data privacy breach. Matthew and Sarah Hipps, MD, claim...

Senators, AHIMA Voice HIT Security, Interoperability Concerns

by

Proposed budget cuts and workforce reductions to HHS could have a potential negative impact on successfully implementing the 21st Century Cures Act, according to several senators. Specifically, HIT security, interoperability, and even advancing...

Texas Hospital Email Hack Exposes PHI of over 8K Patients

by

On February 21, 2017, an unauthorized individual accessed an employee email account containing PHI at Hill Country Memorial Hospital in Fredericksburg, Texas. Hill Country stated the email hack appears to be the result of intentional criminal...

HHS Reiterates OCR Ransomware Guidance after Recent Attack

by

The WannaCry ransomware attack should serve as a strong reminder to healthcare organizations to maintain necessary data security measures, including proper employee training. Adhering to the OCR ransomware guidance will also help covered entities...

GAO Finds Information Security, Privacy Key IoT Challenges

by

The Internet of Things (IoT) is increasingly becoming a popular option for healthcare organizations looking to improve communications and process more data. However, information security and privacy can be key challenges for numerous sectors,...

Best Practices for SQL Server Deployment in Healthcare

by

I don’t want to spend too much time on a lengthy introduction; the topic around SQL server deployment and healthcare security is very important to cover. However, consider the fact that 2015 and 2016 were pretty awful years when it comes...

Medical Devices Reportedly Infected in Ransomware Attack

by

The recent WannaCry ransomware attack that infiltrated more than 150 countries and forced some European healthcare organizations to suspend certain services reportedly infected certain medical devices as well. HITRUST explained in an email update...

Maintaining HIPAA Privacy through Increased Patient Access

by

The HIPAA Privacy Rule is not something that covered entities or business associates can afford to ignore, even as technology continues to evolve and patients have increased access to their own records. AHIMA raised a key issue though in a recent...

HHS Urges Caution in Wake of WannaCry Ransomware Attack

by

UPDATE: HHS released an additional update on May 15 with new details regarding the ransomware attack. Last week, multiple countries around the world reported falling victim to the WannaCry ransomware attack. Numerous hospitals and healthcare...

Recent Executive Order to Strengthen Federal Cybersecurity

by

Improving federal cybersecurity, specifically in the nation’s networks and infrastructure settings, is the key focus in a recent executive order President Trump signed earlier this week. Federal network cybersecurity must be improved in...

Memorial Hermann Agrees to $2.4M OCR HIPAA Settlement

by

Texas-based Memorial Hermann Health System (MHHS) recently agreed to a $2.4 million OCR HIPAA settlement following multiple allegations of inappropriate PHI disclosure. OCR conducted a compliance review after numerous media reports claimed that...

Unauthorized EHR Access Potentially Exposes 14K Records

by

On February 27, 2017, the Diamond Institute for Infertility and Menopause discovered a potential data breach in which an unauthorized individual gained access to a third-party server containing patient EHRs. While the patient EHRs and the database...

67% of Security Teams Say Insiders Top Data Security Threat

by

Healthcare organizations must ensure that they carefully monitor who is able to access sensitive information, as potential data security threats can occur from either insiders or third-parties. While working with trusted vendors or business associates...

HHS Creating Own NCCIC for Improved Healthcare Cybersecurity

by

HHS plans to create its own version of the National Cybersecurity and Communications Integration Center (NCCIC) in an effort to create stronger healthcare cybersecurity, according to a Federal News Radio report. HHS Chief Information Security...

NM Supreme Court to Review Alleged HIPAA Violation Case

by

A New Mexico district court mostly denied a motion to dismiss a case alleging HIPAA violations last Friday, and the state Supreme Court will now consider HIPAA’s scope in relation to the case. District Judge Judith C. Herrera denied...

Medical Device Security Focus in Recent NCCoE Collaboration

by

The National Cybersecurity Center of Excellence (NCCoE) recently released a draft of the NIST Cybersecurity Practice Guide, Securing Wireless Infusion Pumps in Healthcare Delivery Organizations, to help improve medical device security. NCCoE...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks