Healthcare Information Security

Cybersecurity in Healthcare

Cybersecurity Vulnerabilities Lurk in Brain Stimulation Devices

by Fred Donovan

Neurostimulators have cybersecurity vulnerabilities that could be exploited by hackers to get access to the devices, manipulate them, and steal data transmitted by them. This was the conclusion of a report prepared by security firm...

Healthcare Continues To Bear the Brunt of Ransomware Attacks

by Fred Donovan

Healthcare remains the most targeted industry by ransomware attacks, which have spiked in the third quarter of 2018, according to latest data from specialist insurer Beazley. Ransom demands in the most sophisticated type of breaches also...

HHS Opens Healthcare Cybersecurity Center To Aid Private Sector

by Fred Donovan

HHS has opened its Health Sector Cybersecurity Coordination Center (HC3), which will be a healthcare cybersecurity threat analysis and incident response partner to the private sector. HC3 replaces the Healthcare Cybersecurity and...

Server Configuration Is Top Healthcare Software Vulnerability

by Fred Donovan

Server configuration is the top healthcare software vulnerability, followed by information leakage and cryptographic issues, according to Veracode’s State of Software Security (SOSS) study. Other top vulnerabilities for...

HSCC Wants Healthcare Cybersecurity Waiver to Anti-kickback Rules

by Fred Donovan

The Healthcare Sector Coordinating Council (HSCC) asked the HHS OIG for a waiver to the anti-kickback rules to enable the donation of healthcare cybersecurity technology and services to improve the cybersecurity of smaller healthcare...

Healthcare Takes Around 350 Days to Identify, Contain Data Breach

by Fred Donovan

The healthcare industry had the second highest number of days to identify and contain a data breach, around 350 days, according to a recent study by The Ponemon Institute and IBM. The healthcare industry was second only to the...

ERS Online Coding Error Exposes 1.25M Users to Health Data Breach

by Fred Donovan

The Employee Retirement System (ERS) of Texas reported to OCR on Oct. 15 that information on potentially 1.25 million people may have been exposed in a health data breach. In a statement on its website, ERS explained that a coding error...

Healthcare Cybersecurity Is a Top Safety Issue for Hospital Pros

by Fred Donovan

Healthcare cybersecurity was listed as one of the top safety issues for hospitals and other healthcare facilities, behind severe weather and active shooter incidents, according to a survey of 300 healthcare safety professionals by Rave...

FDA Takes Steps to Beef Up Medical Device Security Bona Fides

by Fred Donovan

The FDA has taken some recent steps to beef up its bona fides in medical device security. First, it recently signed a memorandum of agreement with the Department of Homeland Security to implement a new framework for increased...

MNIT Commissioner Faces Legislative Scrutiny Over Phishing Attacks

by Fred Donovan

Minnesota IT Services (MNIT) Commissioner Johanna Clyborne faced criticism for the four-month delay in informing victims of two phishing attacks that exposed PHI and other personal information on 20,800 clients of the Minnesota Department...

Health Data Breach on Healthcare.gov Portal Affects 75K People

by Fred Donovan

Personal information of around 75,000 individuals is at risk from a health data breach that affected a Healthcare.gov portal for agents and brokers, CMS announced Oct. 19. The breached portal, called the Direct Enrollment pathway, allows...

CISOs Need to Be Both Healthcare IT Security and Business Experts

by Fred Donovan

CISOs need to be business experts as well as healthcare IT security experts, observed University of Chicago Medicine VP and CIO Heather Nelson during her Oct. 19 keynote address at the Safeguarding Health Information: Building Assurance...

NCCoE Unveils Vendor Partners for Medical Device Security Project

by Fred Donovan

The NIST-backed National Cybersecurity Center of Excellence (NCCoE) unveiled this week an initial set of vendor partners for a medical device security project called Securing Picture Archiving and Communication Systems (PACS). The vendor...

Healthcare Organizations Struggle with Vendor IT Security Risks

by Fred Donovan

BOSTON – Healthcare organizations have a range of approaches for assessing and managing the IT security risks posed by third-party vendors, one of the biggest sources of frustration for security teams. St. Luke’s Health System...

SRA Tool 3.0 Expands Application to More Health Data Security Risks

by Fred Donovan

OCR and ONC have updated their security risk assessment (SRA) tool (3.0) to improve usability and expand its application to a broader range of health data security risks. The agencies developed the tool to help small to medium-sized...

Risk Posed By 3rd-Party Services Is Big Healthcare Security Worry

by Fred Donovan

BOSTON—Security risks posed by integration of third-party patient services will be an ongoing healthcare security concern for organizations, commented Johns Hopkins University and Medicine CISO Darren Lacey during a panel...

Security Leaders Will Need to Protect Patient Privacy at Home

by Fred Donovan

BOSTON – Healthcare security leaders need to think beyond protecting the organization to protecting patient privacy and data security at home in the coming years, observed Christiana Care Health System CISO Anahi Santiago. “At...

FDA Warns of Cybersecurity Vulnerabilities in CareLink Programmers

by Fred Donovan

The FDA has issued a medical device safety alert about cybersecurity vulnerabilities in Medtronic’s CareLink programmers that could enable an attacker to change the functionality of the programmer or the implanted pacemaker it...

‘Payment Notification’ Is Top Healthcare Phishing Attack Subject

by Fred Donovan

The term “Payment Notification” is the top healthcare phishing attack subject, appearing in 58 percent of healthcare phishing attack campaigns in 2018, according to the latest data from Cofense. Other popular subjects in...

Michigan Medicine Reports 2nd Healthcare Data Breach This Year

by Fred Donovan

The University of Michigan’s Michigan Medicine reported to OCR on Sept. 28 that there was an unauthorized access/disclosure of paper records that affected 3,624 individuals. In a press release, Michigan Medicine said that there was...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...