Healthcare Information Security

Cybersecurity in Healthcare

Neurology Foundation Unauthorized PHI Access Could Affect 12K

September 21, 2017 - Rhode Island-based The Neurology Foundation, Inc. (Foundation) recently announced that an employee had been making unauthorized PHI access. The employee had been using a company credit card to make unauthorized purchases, but it was discovered that the individual had also transferred certain Foundation data onto a hard drive stored in the employee’s home. “The storage of Foundation...


More Articles

Focusing on Healthcare IoT Security with Expanding Market

by Elizabeth Snell

The Internet of Things (IoT) is quickly becoming a more attractive option to organizations across sectors, but IoT security, standards, interoperability, and cost are still key concerns for executives, a recent report found. Verizon’s State...

HITRUST Urges Collaboration for Improved Healthcare Cybersecurity

by Elizabeth Snell

HITRUST held its first Community Extension Program meeting last week at Tufts Medical Center in downtown Boston, talking challenges, best practices, and lessons learned in healthcare risk management programs. One of the overarching goals of the...

Using Threat Intelligence to Improve Healthcare Cybersecurity

by Elizabeth Snell

While 84 percent of organizations consider threat intelligence “essential to a strong security posture,” entities admit that the large amount of threat data and a lack of staff expertise lower their threat program effectiveness, according...

Why Guidance is Critical for Strengthening Healthcare Cybersecurity

by Elizabeth Snell

Healthcare providers must adhere to HIPAA rules and required state regulation with regard to maintaining data security. But not all regulations are specific in how covered entities should approach healthcare cybersecurity in an evolving industry....

ICS-CERT Reports Medfusion Medical Device Vulnerabilities

by Elizabeth Snell

Recently discovered medical device vulnerabilities in infusion pumps could potentially allow a remote attacker to gain unauthorized access, affecting the pump’s intended operation, according to the Department of Homeland Security’s...

Medical Device Security Critical with FDA Interoperability Guide

by Elizabeth Snell

Safely and effectively exchanging and using data is the key focus of the recent FDA guide on medical device security and interoperability. FDA explained that Design Considerations and Pre-market Submission Recommendations for Interoperable Medical...

3 Tips to Ensure Healthcare Data Security in Evolving Environment

by Bill Kleyman

There’s so much happening with new types of advanced security technologies. Healthcare data security teams must analyze solutions around on premise as well as cloud options. Furthermore, the granularity of security makes it a challenge...

Maintaining Medical Device Cybersecurity in an Evolving Industry

by Elizabeth Snell

Outdated operating systems in connected devices could create patient safety issues in addition to medical device cybersecurity concerns. A faulty implanted device could impacts patients or ransomware could prevent patients from receiving proper...

FDA Announces Update on Abbott Cybersecurity Vulnerabilities

by Elizabeth Snell

A recent firmware update was created in an effort to reduce potential harm from cybersecurity vulnerabilities in certain Abbott pacemakers. The FDA approved the update, saying patients and providers should discuss the firmware update at their...

HIMSS Stresses Proactive Healthcare Cybersecurity Measures

by Elizabeth Snell

Regular risk assessments, updating business continuity plans, and implementing a cybersecurity framework are all key ways for providers to follow a proactive healthcare cybersecurity approach, according to HIMSS Director of Privacy and Security...

Improve Healthcare Authentication with New NIST Guide

by Elizabeth Snell

NIST recently released updated digital identity guidelines for federal agencies looking to create a secure authentication process. While not designed for healthcare authentication specifically, the guidelines could help the industry ensure a...

Medical Device Cybersecurity Top Challenge to IoT Ecosystem

by Elizabeth Snell

Individuals working in the Internet of Things (IoT) connected medical device ecosystem are most concerned with potential medical device cybersecurity issues, according to a recent Deloitte poll. Nearly one-third of respondents – 35.6 percent...

How HHS’ HCCIC Will Improve Healthcare Cybersecurity

by Elizabeth Snell

HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) is a critical step toward improving healthcare cybersecurity and will also augment the Department of Homeland Security’s own National Cybersecurity and Communications...

NICE Cybersecurity Workforce Framework Focuses on Education

by Elizabeth Snell

The National Initiative for Cybersecurity Education (NICE) released a Cybersecurity Workforce Framework to help organizations in various sectors educate and train staff members in needed cybersecurity measures. Entities will also have guidance...

HIMSS: Medical Device Security, Data Breaches Top Concerns

by Elizabeth Snell

Healthcare security professionals are mainly concerned with medical device security, patient safety, and data breaches, according to the 2017 HIMSS Cybersecurity survey. More healthcare organizations are working toward their cybersecurity programs,...

DHS, Siemens Warn of Potential Medical Device Vulnerabilities

by Elizabeth Snell

Possible medical device vulnerabilities, specifically within medical imaging products, have been identified, according to an advisory from the Department of Homeland Security’s (DHS) Industrial Control Systems Cyber Emergency Response Team...

HITRUST, Trend Micro Set to Improve Cyber Threat Management

by Elizabeth Snell

HITRUST and Trend Micro have partnered together in an effort to further advance cyber threat information sharing and the cyber threat management process, according to a HITRUST release. The HITRUST Cyber Threat Management and Response Center...

OCR Stresses Employee Training Need in PHI Security

by Elizabeth Snell

The need for strong employee training only increases as the healthcare risk landscape grows and threatens PHI security, according to the recent OCR cybersecurity newsletter. Data security training is necessary for combatting threats such as ransomware...

Why Healthcare Cybersecurity Budgets Should Increase

by Elizabeth Snell

As HIPAA data breaches continue to be reported, it would make sense that healthcare cybersecurity budgets increase as necessary to ensure that organizations are prepared for potential attacks. Making investments in technological safeguards, employee...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks