Healthcare Information Security

Cybersecurity Best Practices

Reducing Cybersecurity Vulnerabilities Part of FDA Action Plan

by Fred Donovan

The Food and Drug Administration (FDA) is asking Congress for additional authority and funding to expand its efforts to improve medical device safety, including reducing cybersecurity vulnerabilities in devices, said FDA Commissioner Scott...

Applying Inogen Data Breach Lessons to Healthcare Providers

by Fred Donovan

The recent Inogen data breach, in which hackers were able to penetrate an employee’s email account, highlights the need for healthcare organizations to use multifactor authentication (MFA) to control access and to get...

NIST Unveils Latest Version of Its Popular Cybersecurity Framework

by Fred Donovan

The National Institute of Standards and Technology (NIST) recently released version 1.1 of its popular Cybersecurity Framework, which incorporates feedback received from public comments and workshops during 2016 and 2017. Version 1.1...

Survey Finds Lax Patching Practices Feed Healthcare Data Breaches

by Fred Donovan

Patching vulnerabilities in your systems and applications is one of the most important steps you can take to prevent a healthcare data breach at your organization. Yet, a majority of security professionals in the healthcare and...

Healthcare Pros Worry about Data Security at Other Organizations

by Fred Donovan

Many healthcare professionals are conflicted when it comes to data security. More than three-fourths of 122 healthcare professionals surveyed by security vendor Venafi at HIMSS18 are worried about healthcare data security, yet 68 percent...

Preparing for a Potential Healthcare Data Breach Investigation

by Elizabeth Snell

A current and comprehensive risk management plan, including a good auditing process, will be critical for organizations that must deal with a healthcare data breach investigation. Covered entities and business associates will be better...

South Dakota is 49th State to Pass Data Breach Notification Law

by Elizabeth Snell

South Dakota became the 49th state to have a data breach notification law when Governor Dennis Daugaard signed SB 62 into law on March 21, 2018. The bill includes health information in its definition of personal information as well, which...

Attorneys General Stress Need for State Data Breach Laws

by Elizabeth Snell

It would be greatly detrimental to have federal regulations that preempt state data security and state data breach laws, according to a group of 32 attorneys general, led by Illinois Attorney General Lisa Madigan. The letter explains...

Threat Intelligence Sharing Essential for Healthcare Cybersecurity

by Elizabeth Snell

The National Health Information Sharing and Analysis Center (NH-ISAC) constantly stresses the need for threat intelligence sharing in the healthcare sector, especially as cybersecurity threats grow increasingly...

Utilizing Holistic Cybersecurity Measures Against Evolving Threats

by Elizabeth Snell

It is essential for healthcare providers to evolve their cybersecurity program to stay ahead of evolving threats, utilizing holistic cybersecurity measures that focus on prevention, detection, and response. That was the focus of a HIMSS18...

Federal Cybersecurity Program Funding Urged in Letter to Congress

by Elizabeth Snell

The Department of Homeland Security’s (DHS) federal cybersecurity program will greatly benefit from increased funding in Fiscal Year 2019, according to a trio of lawmakers. Reps. John Ratcliffe (R-Texas), Jim Langevin (D-R.I.) and...

Improving Cybersecurity Response in Healthcare Organizations

by Elizabeth Snell

Organizations must have the right staff members in place who are properly trained, and also have appropriate technical tools to ensure that a proper cybersecurity response can occur following a data security incident. Healthcare entities...

NH-ISAC, Anomali Partner to Improve Secure Healthcare Data Sharing

by Elizabeth Snell

Having a more seamless secure healthcare data sharing process is at the driving factor behind the National Health Information Sharing and Analysis Center (NH-ISAC) and Anomali recently partnering together. The organizations want...

Stronger Healthcare Cyber Hygiene Can Improve Patient Safety

by Elizabeth Snell

HHS’ Office of Inspector General (OIG) should create an exemption allowing donations of training/education services, software, and technology to improve healthcare cyber hygiene, according to the Association for Executives in...

Insufficient Staffing, Education Hinders Healthcare Cybersecurity

by Elizabeth Snell

Hospitals and payer organizations could make major strides in improving their healthcare cybersecurity measures by hiring the right staff members and by implementing comprehensive employee education and training, according to a Merlin...

Focusing on Healthcare Data Privacy with Information Governance

by Elizabeth Snell

Healthcare data privacy and security is one of the top industry challenges, but a comprehensive and holistic information governance (IG) program can be essential in overcoming it. Information governance is not often considered with...

Healthcare Ransomware, Data Breaches Represent Top Industry Threats

by Elizabeth Snell

For the second straight year, healthcare data breaches were cited as a top threat to the industry, according to the annual HIMSS Cybersecurity Survey. Healthcare ransomware and malware that steals credentials are also key worry areas for...

Healthcare Risk Assessments Key Driver for Security Investments

by Elizabeth Snell

More providers are adopting cybersecurity frameworks and prioritizing risk assessment, according to the third annual Symantec and HIMSS Analytics HIT Security and Risk Management Study. However, organizations are still underinvesting in...

Hospitals Continue to Value Healthcare Cybersecurity, Patient Safety

by Elizabeth Snell

Vendor and healthcare leadership teams have differing IT priorities for 2018, according to the 2018 HIMSS U.S. Leadership and Workforce Survey. Hospitals are honing in on healthcare cybersecurity and data privacy needs, while vendors...

Weak Healthcare Cybersecurity Employee Training Affects IT Security

by Elizabeth Snell

Covered entities must ensure that staff members at all levels receive regular and comprehensive healthcare cybersecurity employee training. This is a HIPAA requirement but is also critical to keeping the workforce up to date on evolving IT...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...