Healthcare Information Security

Cybersecurity in Healthcare

Cass Regional Finally Recovers from Devastating Ransomware Attack

July 18, 2018 - Cass Regional Medical Center finally has its EHR system back online and is no longer diverting emergency patients to other hospitals a week after it suffered a ransomware attack. The initial attack, reported by the Missouri-based hospital on July 9, disrupted its internal communications systems and access to its EHR system, forcing it to diver trauma and stroke patients to other facilities....


More Articles

Response to Spectre, Meltdown Cybersecurity Vulnerabilities Queried

by Fred Donovan

US lawmakers want answers from the Software Engineering Institute’s (SEI) CERT Coordination Center (CERT-CC) to questions about the industry's response to the Spectre and Meltdown cybersecurity vulnerabilities disclosed in January of...

LabCorp’s Network Security Breach May Have Exposed PHI of Millions

by Fred Donovan

After recently dodging a legal bullet over an alleged HIPAA violation, LabCorp is now facing a network security breach that forced the North Carolina-based laboratory diagnostics firm to shut down its IT network, possibly placing PHI of millions...

Allscripts Wants Ransomware Attack Class-Action Lawsuit Dismissed

by Fred Donovan

EHR vendor Allscripts wants a district court judge in Illinois to dismiss a class-action lawsuit filed by Florida-based Surfside Non-Surgical Orthopedics over the SamSam ransomware attack that encrypted patient data and took Allscripts’...

MedEvolve Cops to Healthcare Data Breach With PHI on 200K at Risk

by Fred Donovan

Arkansas-based practice management software provider MedEvolve has finally copped to a healthcare data breach at one of its customers, Premier Immediate Medical Care, which may have impacted more than 200,000 current and former patients of Premier....

Insider Health Data Security Threats Bigger Concern than External

by Fred Donovan

Many healthcare professionals are more concerned about insider threats to health data security than external breaches, according to a survey by HIMSS on behalf of SailPoint. There is an acute level of concern about the threats posed by insiders....

Cass Diverts Patients, Shuts Down EHR Due to Ransomware Attack

by Fred Donovan

Cass Regional Medical Center in Harrisonville, Missouri, has diverted trauma and stroke patients and shut down its EHR system due to a ransomware attack, the hospital said in a July 9 statement on its website. Cass became aware of the ransomware...

CHIME Says Healthcare Cybersecurity Should Be Innovation Focus

by Fred Donovan

Healthcare cybersecurity should be one focus area of a public-private workgroup that HHS is suggesting to examine healthcare innovation and investment, argued the College of Healthcare Information Management Executives (CHIME) in its comments...

Connected Medical Device Security Increasing Healthcare Worry

by Fred Donovan

Medical device security will become an increasing concern for healthcare organizations, particularly as more of these devices are connected to the Internet, internal networks, and Wi-Fi, predicted a new report by Transparency Market Research....

Children’s Mercy Hospital Phishing Attack Impacts PHI of 60K

by Fred Donovan

A phishing attack targeting employees at Missouri-based Children’s Mercy Hospital may have compromised PHI on more than 60,000 individuals, the Kansas City Star reported July 3. The information possibly accessed by hackers included patient...

Cybercriminals Move from Ransomware Attacks to Crypto Mining

by Fred Donovan

The cyberthreat landscaping is changing rapidly. For example, ransomware attacks, which have devasted the healthcare industry, are being replaced by cryptocurrency mining attacks among cybercriminals motived by financial gain, according to the...

Cybersecurity Vulnerabilities Afflict Medtronic Heart Monitor

by Fred Donovan

The Medtronic MyCareLink handheld patient monitor, used for patients with an implantable heart device, suffers from a number of cybersecurity vulnerabilities that could allow an attacker to gain access to the operating system and product development...

Healthcare Internet Crimes Cost Victims $925,849 Last Year

by Fred Donovan

Healthcare internet crimes cost victims $925,849 last year, according to the FBI Internet Crime Complaint Center’s (IC3) 2017 Internet Crime Report.  The report includes stats on internet crime complaints received by the center...

Top 10 Cybersecurity Best Practices for Healthcare CISOs

by Fred Donovan

Faced with an onslaught of threats these days, healthcare chief information security officers (CISOs) need to take a deep breath and focus on cybersecurity best practices. The number and frequency of these threats—ransomware, cryptocurrency...

Siemens Flags Cybersecurity Vulnerabilities in RAPID Blood-Gas Analyzers

by Fred Donovan

Siemens Healthineers is warning about two cybersecurity vulnerabilities affecting its RAPID blood-gas analyzers that could enable attackers to compromise the confidentiality, integrity, and availability of the devices.  The vulnerabilities...

Cryptocurrency Mining Tops Ransomware Attacks as New Cyberthreat

by Fred Donovan

While ransomware attacks continue to preoccupy the minds of healthcare IT security pros, a new threat is emerging—cryptocurrency mining. Not as devastating as ransomware, cryptocurrency mining malware can still degrade system performance...

Natus Plugs 8 Cybersecurity Vulnerabilities in EEG Software

by Fred Donovan

Natus Medical has updated its NeuroWorks software to plug eight cybersecurity vulnerabilities that could enable an attacker to get control of the Natus Xltek electroencephalogram (EEG) device and crash it, according to a June 14 ICS-CERT advisory....

Healthcare Orgs, Device Makers Debate Cybersecurity Vulnerabilities

by Fred Donovan

A number of medical organizations have submitted recommendations to the House Energy and Commerce Committee on how to reduce cybersecurity vulnerabilities in aging healthcare IT systems and medical devices under the committee’s Supported...

Organizations Lack Adequate Budget for Medical Device Security

by Fred Donovan

Despite recognizing medical device security as a priority, only 37 percent of more than 100 healthcare practitioners had budgets to implement their device security strategy, according to a HIMSS survey. Most respondents (85%) said they used...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by Fred Donovan

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked sufficient...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks