Healthcare Information Security

Cybersecurity Best Practices

Only 29% of Healthcare Entities Have Full Cybersecurity Program

by Fred Donovan

Only 29 percent of healthcare organizations report having a comprehensive cybersecurity program in place, according to the 2018 CHIME HealthCare’s Most Wired survey released this week. Among those organizations that don’t have...

HHS Opens Healthcare Cybersecurity Center To Aid Private Sector

by Fred Donovan

HHS has opened its Health Sector Cybersecurity Coordination Center (HC3), which will be a healthcare cybersecurity threat analysis and incident response partner to the private sector. HC3 replaces the Healthcare Cybersecurity and...

Server Configuration Is Top Healthcare Software Vulnerability

by Fred Donovan

Server configuration is the top healthcare software vulnerability, followed by information leakage and cryptographic issues, according to Veracode’s State of Software Security (SOSS) study. Other top vulnerabilities for...

CISOs Need to Be Both Healthcare IT Security and Business Experts

by Fred Donovan

CISOs need to be business experts as well as healthcare IT security experts, observed University of Chicago Medicine VP and CIO Heather Nelson during her Oct. 19 keynote address at the Safeguarding Health Information: Building Assurance...

Healthcare Organizations Struggle with Vendor IT Security Risks

by Fred Donovan

BOSTON – Healthcare organizations have a range of approaches for assessing and managing the IT security risks posed by third-party vendors, one of the biggest sources of frustration for security teams. St. Luke’s Health System...

OIG Forms Team to Protect HHS, Boost Cybersecurity Best Practices

by Fred Donovan

The HHS OIG has formed a multidisciplinary cybersecurity team composed of auditors, evaluators, investigators, and attorneys from various HHS agencies to help protect department data and systems and foster cybersecurity best practices...

Remote Access System Hacking Is No. 1 Patient Safety Risk

by Fred Donovan

Hackers attacking healthcare through remote access systems and disrupting operations is the number one patient safety risk, according to the ECRI Institute’s annual Top 10 Health Technology Hazards for 2019. ECRI Institute said it...

HPH SCC Set To Issue Cybersecurity Best Practices for Healthcare

by Fred Donovan

The Healthcare and Public Health Sector Coordinating Council (HPH SCC) soon plans to release voluntary cybersecurity best practices for medical device manufacturers and healthcare providers, the groups announced Oct. 1 on the kickoff...

Healthcare Workers Uninformed About Cybersecurity Best Practices

by Fred Donovan

Forty percent of healthcare workers would allow a colleague to use their work computer, displaying a disturbing lack of knowledge about cybersecurity best practices. Surprisingly, healthcare workers performed better than government...

NIST Cybersecurity Framework To Get Privacy Framework Companion

by Fred Donovan

NIST is launching a collaborative privacy framework initiative as a complement to the NIST Cybersecurity Framework, the agency announced Sept. 4. The privacy framework would provide voluntary guidelines for protecting privacy in an era of...

CISOs Unite To Improve IT Security in Healthcare Supply Chain

by Fred Donovan

Healthcare CISOs have set up a council to develop, recommend, and promote security best practices to bolster IT security throughout the healthcare supply chain. Founding members of the Provider Third Party Risk Management Council include...

For ASCs, Size Matters When It Comes to Healthcare Cybersecurity

by Fred Donovan

For ambulatory surgery centers (ASCs), healthcare cybersecurity challenges and responses are different depending on the size of the operation, observed Tom Hui, founder of SurgiCenter Information Systems and CEO of HSTpathways. Hui noted...

CISOs Stockpile Cryptocurrency in Case of Ransomware Attack

by Fred Donovan

The threat of a ransomware attack has led nearly three-quarters of CISOs to stockpile cryptocurrency to pay cybercriminals, according to survey of 1,700 IT, security, and business leaders in the United States, the UK, and Germany by...

Healthcare Data Security Worries Discourage Virtual Care Use

by Fred Donovan

Concerns about healthcare data security and patient privacy are holding physicians back from using virtual care technology, according to a survey of physicians and consumers by Deloitte. One-third of physicians cited data security and...

Software Patching Integral to PHI Data Security, HIPAA Compliance

by Fred Donovan

Healthcare organizations and vendors are responsible for identifying and mitigating the risks unpatched software poses to ePHI as part of their HIPAA compliance, OCR advised in its June Cybersecurity Newsletter. As part of their risk...

Top 10 Cybersecurity Best Practices for Healthcare CISOs

by Fred Donovan

Faced with an onslaught of threats these days, healthcare chief information security officers (CISOs) need to take a deep breath and focus on cybersecurity best practices. The number and frequency of these threats—ransomware,...

Siemens Flags Cybersecurity Vulnerabilities in RAPID Blood-Gas Analyzers

by Fred Donovan

Siemens Healthineers is warning about two cybersecurity vulnerabilities affecting its RAPID blood-gas analyzers that could enable attackers to compromise the confidentiality, integrity, and availability of the devices.  The...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by Fred Donovan

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked...

Older Healthcare OSes Open to Cybersecurity Vulnerabilities

by Fred Donovan

The healthcare industry is the slowest industry in upgrading to Windows 10, meaning that many in healthcare are running older versions of Windows more susceptible to cybersecurity vulnerabilities, according to the latest data from Duo...

HITRUST Unveils Certification for NIST Cybersecurity Framework

by Fred Donovan

The Health Information Trust Alliance (HITRUST) launched May 22 a certification program for the NIST Cybersecurity Framework (CSF) that makes it easier for security teams to report on their implementation of the framework to upper...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...