Healthcare Information Security

Cybersecurity

HealthEquity Email Hack Breaches Data of 190K Patients

November 20, 2018 - An email hack on two employee email accounts potentially breached the personal data of 190,000 HealthEquity customers. HealthEquity provides health savings accounts and similar services to more than 3.4 million individuals. This is the second breach reported by HealthEquity this year. In June, an unauthorized user hacked into an employee’s email account and breached the data of...


More Articles

SSNs, Tax Data Exposed in Healthcare.gov Health Data Breach

by Fred Donovan

Partial Social Security numbers (SSNs), immigration status, and tax information might have been stolen as a result of the health data breach on the Healthcare.gov portal last month. In October, CMS admitted to a breach of...

HITRUST’s New Threat Catalogue Key Component of Risk Analysis

by Fred Donovan

The Health Information Trust Alliance (HITRUST) has released its threat catalogue that provides healthcare organizations and other firms with visibility into cyber risks to their information, assets, and operations. The HITRUST threat...

Cybersecurity Vulnerabilities Flagged in Roche Handheld Devices

by Fred Donovan

ICS-CERT is warning about cybersecurity vulnerabilities in Roche point-of-care handheld medical devices. The devices, which go by the names Accu-Chek and CoaguChek, suffer from improper authentication, OS command injection, unrestricted...

NJ Fines Vendor Behind Virtua Healthcare Data Breach $200K

by Fred Donovan

New Jersey is slapping a $200,000 fine on a defunct Georgia-based medical transcription company that caused the Virtua Medical Group breach impacting more than 1,650 individuals in 2016. The $200,000 fine includes $191,492.00 in civil...

4.4M Records Exposed in 117 Health Data Breaches in Q3 2018

by Fred Donovan

A total of 4.4 million patient records were compromised in 117 health data breaches in the third quarter of 2018, according to the latest Protenus Breach Barometer. These figures compare with 3.15 million records compromised in 142 health...

Many IT Pros Lack Budget for Connected Medical Device Security

by Fred Donovan

A disturbing 41 percent of healthcare IT professionals do not have a separate or sufficient budget for connected medical device security, according to a recent survey by Propeller Insights on behalf of Zingbox. Despite this lack of...

Healthcare Makes Up One-Quarter of SamSam Ransomware Attacks

by Fred Donovan

Healthcare organizations have accounted for one-quarter of SamSam ransomware attack victims so far this year, said security firm Symantec in a recent blog post.  In total, 67 different organizations across sectors have been...

FDA Needs Procedures for Recalls of Vulnerable Medical Devices

by Fred Donovan

HHS OIG is recommending that the FDA establish and maintain procedures for handling recalls of vulnerable medical devices that can be exploited by attackers or other unauthorized users. In addition, OIG advises the FDA to establish...

OCR Recommends Healthcare Cybersecurity Best Practices

by Fred Donovan

As National Cybersecurity Awareness Month draws to a close, OCR is recommending healthcare cybersecurity best practices to prevent cyberattacks from succeeding and lessening their impact if they do succeed. “Because ePHI...

Only 29% of Healthcare Entities Have Full Cybersecurity Program

by Fred Donovan

Only 29 percent of healthcare organizations report having a comprehensive cybersecurity program in place, according to the 2018 CHIME HealthCare’s Most Wired survey released this week. Among those organizations that don’t have...

Cybersecurity Vulnerabilities Lurk in Brain Stimulation Devices

by Fred Donovan

Neurostimulators have cybersecurity vulnerabilities that could be exploited by hackers to get access to the devices, manipulate them, and steal data transmitted by them. This was the conclusion of a report prepared by security firm...

Healthcare Continues To Bear the Brunt of Ransomware Attacks

by Fred Donovan

Healthcare remains the most targeted industry by ransomware attacks, which have spiked in the third quarter of 2018, according to latest data from specialist insurer Beazley. Ransom demands in the most sophisticated type of breaches also...

HHS Opens Healthcare Cybersecurity Center To Aid Private Sector

by Fred Donovan

HHS has opened its Health Sector Cybersecurity Coordination Center (HC3), which will be a healthcare cybersecurity threat analysis and incident response partner to the private sector. HC3 replaces the Healthcare Cybersecurity and...

Server Configuration Is Top Healthcare Software Vulnerability

by Fred Donovan

Server configuration is the top healthcare software vulnerability, followed by information leakage and cryptographic issues, according to Veracode’s State of Software Security (SOSS) study. Other top vulnerabilities for...

HSCC Wants Healthcare Cybersecurity Waiver to Anti-kickback Rules

by Fred Donovan

The Healthcare Sector Coordinating Council (HSCC) asked the HHS OIG for a waiver to the anti-kickback rules to enable the donation of healthcare cybersecurity technology and services to improve the cybersecurity of smaller healthcare...

New Opioid Law Includes Expanded Patient Data Sharing Provision

by Fred Donovan

President Donald Trump signed into law this week a sweeping opioid measure that includes expanded patient data sharing regarding opioid and other substance addiction treatment information. The law, however, does not include a provision...

Healthcare Takes Around 350 Days to Identify, Contain Data Breach

by Fred Donovan

The healthcare industry had the second highest number of days to identify and contain a data breach, around 350 days, according to a recent study by The Ponemon Institute and IBM. The healthcare industry was second only to the...

ERS Online Coding Error Exposes 1.25M Users to Health Data Breach

by Fred Donovan

The Employee Retirement System (ERS) of Texas reported to OCR on Oct. 15 that information on potentially 1.25 million people may have been exposed in a health data breach. In a statement on its website, ERS explained that a coding error...

Healthcare Cybersecurity Is a Top Safety Issue for Hospital Pros

by Fred Donovan

Healthcare cybersecurity was listed as one of the top safety issues for hospitals and other healthcare facilities, behind severe weather and active shooter incidents, according to a survey of 300 healthcare safety professionals by Rave...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...