Healthcare Information Security

Cybersecurity Best Practices

OIG Forms Team to Protect HHS, Boost Cybersecurity Best Practices

October 10, 2018 - The HHS OIG has formed a multidisciplinary cybersecurity team composed of auditors, evaluators, investigators, and attorneys from various HHS agencies to help protect department data and systems and foster cybersecurity best practices among partners and stakeholders. The team includes representatives from the following HHS agencies: Office of Audit Services, Cybersecurity and...


More Articles

Remote Access System Hacking Is No. 1 Patient Safety Risk

by Fred Donovan

Hackers attacking healthcare through remote access systems and disrupting operations is the number one patient safety risk, according to the ECRI Institute’s annual Top 10 Health Technology Hazards for 2019. ECRI Institute said it...

HPH SCC Set To Issue Cybersecurity Best Practices for Healthcare

by Fred Donovan

The Healthcare and Public Health Sector Coordinating Council (HPH SCC) soon plans to release voluntary cybersecurity best practices for medical device manufacturers and healthcare providers, the groups announced Oct. 1 on the kickoff...

Healthcare Workers Uninformed About Cybersecurity Best Practices

by Fred Donovan

Forty percent of healthcare workers would allow a colleague to use their work computer, displaying a disturbing lack of knowledge about cybersecurity best practices. Surprisingly, healthcare workers performed better than government...

NIST Cybersecurity Framework To Get Privacy Framework Companion

by Fred Donovan

NIST is launching a collaborative privacy framework initiative as a complement to the NIST Cybersecurity Framework, the agency announced Sept. 4. The privacy framework would provide voluntary guidelines for protecting privacy in an era of...

CISOs Unite To Improve IT Security in Healthcare Supply Chain

by Fred Donovan

Healthcare CISOs have set up a council to develop, recommend, and promote security best practices to bolster IT security throughout the healthcare supply chain. Founding members of the Provider Third Party Risk Management Council include...

For ASCs, Size Matters When It Comes to Healthcare Cybersecurity

by Fred Donovan

For ambulatory surgery centers (ASCs), healthcare cybersecurity challenges and responses are different depending on the size of the operation, observed Tom Hui, founder of SurgiCenter Information Systems and CEO of HSTpathways. Hui noted...

CISOs Stockpile Cryptocurrency in Case of Ransomware Attack

by Fred Donovan

The threat of a ransomware attack has led nearly three-quarters of CISOs to stockpile cryptocurrency to pay cybercriminals, according to survey of 1,700 IT, security, and business leaders in the United States, the UK, and Germany by...

Healthcare Data Security Worries Discourage Virtual Care Use

by Fred Donovan

Concerns about healthcare data security and patient privacy are holding physicians back from using virtual care technology, according to a survey of physicians and consumers by Deloitte. One-third of physicians cited data security and...

Software Patching Integral to PHI Data Security, HIPAA Compliance

by Fred Donovan

Healthcare organizations and vendors are responsible for identifying and mitigating the risks unpatched software poses to ePHI as part of their HIPAA compliance, OCR advised in its June Cybersecurity Newsletter. As part of their risk...

Top 10 Cybersecurity Best Practices for Healthcare CISOs

by Fred Donovan

Faced with an onslaught of threats these days, healthcare chief information security officers (CISOs) need to take a deep breath and focus on cybersecurity best practices. The number and frequency of these threats—ransomware,...

Siemens Flags Cybersecurity Vulnerabilities in RAPID Blood-Gas Analyzers

by Fred Donovan

Siemens Healthineers is warning about two cybersecurity vulnerabilities affecting its RAPID blood-gas analyzers that could enable attackers to compromise the confidentiality, integrity, and availability of the devices.  The...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by Fred Donovan

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked...

Older Healthcare OSes Open to Cybersecurity Vulnerabilities

by Fred Donovan

The healthcare industry is the slowest industry in upgrading to Windows 10, meaning that many in healthcare are running older versions of Windows more susceptible to cybersecurity vulnerabilities, according to the latest data from Duo...

HITRUST Unveils Certification for NIST Cybersecurity Framework

by Fred Donovan

The Health Information Trust Alliance (HITRUST) launched May 22 a certification program for the NIST Cybersecurity Framework (CSF) that makes it easier for security teams to report on their implementation of the framework to upper...

Most Healthcare Workers Admit to Non-Secure Healthcare Data Sharing

by Fred Donovan

Most healthcare workers surveyed admit to non-secure healthcare data sharing using email. A disturbing 87 percent of healthcare workers admit to using non-secure email to send sensitive information, including PHI, according to survey data...

Healthcare Providers Score High on Ransomware Attack Mitigation

by Fred Donovan

Researchers have found that healthcare providers are doing a good job of implementing recommendations in the ONC SAFER Guides’ contingency planning guide, which was updated last year to incorporate strategies for ransomware attack...

Navy, USAF Could Face HIPAA Violation Fines for Lax EHR Security

by Fred Donovan

The US Navy and US Air Force have poor security practices for their electronic health record (EHR) systems and could face millions of dollars in HIPAA violation fines if action is not taken to correct these problems, warned the Department...

Helping Struggling Hospitals Recover from Ransomware Attacks

by Fred Donovan

The biggest cybersecurity issue for hospitals is response and recovery from ransomware attacks, observed Fernando Martinez, senior vice president and chief digital officer at the Texas Hospital Association and president/CEO of Texas...

Healthcare Industry Scores Low on Data Security Knowledge

by Fred Donovan

The healthcare industry is one of the worst when it comes to data security knowledge, according to data from Wombat Security’s learning management system. Customers in the healthcare industry answered 23 percent of IT security...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks