Healthcare Information Security

Cybersecurity in Healthcare

Insider Health Data Security Threats Bigger Concern than External

by Fred Donovan

Many healthcare professionals are more concerned about insider threats to health data security than external breaches, according to a survey by HIMSS on behalf of SailPoint. There is an acute level of concern about the threats posed...

Cass Diverts Patients, Shuts Down EHR Due to Ransomware Attack

by Fred Donovan

Cass Regional Medical Center in Harrisonville, Missouri, has diverted trauma and stroke patients and shut down its EHR system due to a ransomware attack, the hospital said in a July 9 statement on its website. Cass became aware of the...

CHIME Says Healthcare Cybersecurity Should Be Innovation Focus

by Fred Donovan

Healthcare cybersecurity should be one focus area of a public-private workgroup that HHS is suggesting to examine healthcare innovation and investment, argued the College of Healthcare Information Management Executives (CHIME) in its...

Connected Medical Device Security Increasing Healthcare Worry

by Fred Donovan

Medical device security will become an increasing concern for healthcare organizations, particularly as more of these devices are connected to the Internet, internal networks, and Wi-Fi, predicted a new report by Transparency Market...

Children’s Mercy Hospital Phishing Attack Impacts PHI of 60K

by Fred Donovan

A phishing attack targeting employees at Missouri-based Children’s Mercy Hospital may have compromised PHI on more than 60,000 individuals, the Kansas City Star reported July 3. The information possibly accessed by hackers included...

Cybercriminals Move from Ransomware Attacks to Crypto Mining

by Fred Donovan

The cyberthreat landscaping is changing rapidly. For example, ransomware attacks, which have devasted the healthcare industry, are being replaced by cryptocurrency mining attacks among cybercriminals motived by financial gain, according to...

Cybersecurity Vulnerabilities Afflict Medtronic Heart Monitor

by Fred Donovan

The Medtronic MyCareLink handheld patient monitor, used for patients with an implantable heart device, suffers from a number of cybersecurity vulnerabilities that could allow an attacker to gain access to the operating system and product...

Healthcare Internet Crimes Cost Victims $925,849 Last Year

by Fred Donovan

Healthcare internet crimes cost victims $925,849 last year, according to the FBI Internet Crime Complaint Center’s (IC3) 2017 Internet Crime Report.  The report includes stats on internet crime complaints received by the...

Top 10 Cybersecurity Best Practices for Healthcare CISOs

by Fred Donovan

Faced with an onslaught of threats these days, healthcare chief information security officers (CISOs) need to take a deep breath and focus on cybersecurity best practices. The number and frequency of these threats—ransomware,...

Siemens Flags Cybersecurity Vulnerabilities in RAPID Blood-Gas Analyzers

by Fred Donovan

Siemens Healthineers is warning about two cybersecurity vulnerabilities affecting its RAPID blood-gas analyzers that could enable attackers to compromise the confidentiality, integrity, and availability of the devices.  The...

Cryptocurrency Mining Tops Ransomware Attacks as New Cyberthreat

by Fred Donovan

While ransomware attacks continue to preoccupy the minds of healthcare IT security pros, a new threat is emerging—cryptocurrency mining. Not as devastating as ransomware, cryptocurrency mining malware can still degrade system...

Natus Plugs 8 Cybersecurity Vulnerabilities in EEG Software

by Fred Donovan

Natus Medical has updated its NeuroWorks software to plug eight cybersecurity vulnerabilities that could enable an attacker to get control of the Natus Xltek electroencephalogram (EEG) device and crash it, according to a June 14 ICS-CERT...

Healthcare Orgs, Device Makers Debate Cybersecurity Vulnerabilities

by Fred Donovan

A number of medical organizations have submitted recommendations to the House Energy and Commerce Committee on how to reduce cybersecurity vulnerabilities in aging healthcare IT systems and medical devices under the committee’s...

Organizations Lack Adequate Budget for Medical Device Security

by Fred Donovan

Despite recognizing medical device security as a priority, only 37 percent of more than 100 healthcare practitioners had budgets to implement their device security strategy, according to a HIMSS survey. Most respondents (85%) said...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by Fred Donovan

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked...

Meltdown, Spectre Variants Could Endanger Healthcare Data Security

by Fred Donovan

New variants of the Meltdown and Spectre security vulnerabilities were recently discovered by researchers, possibly putting healthcare data security at risk. The vulnerabilities affect hundreds of millions of processors used in desktop...

Ransomware Attacks Topped List of Cyber Insurance Claims

by Fred Donovan

More than one-quarter of cyber insurance claims received by AIG last year were the result of ransomware attacks, the largest percentage of any cyberattack type, according to the insurance giant’s 2017 cyber insurance claim...

AHA Backs Providers’ Inclusion in FDA Medical Device Security Board

by Fred Donovan

The FDA should include healthcare providers on the medical device security board proposed in the agency’s recently released Medical Device Safety Action Plan, argued the American Hospital Association (AHA). According to the...

ICS-CERT Flags BeaconMedaes Medical Device Security Issues

by Fred Donovan

A recent ICS-CERT advisory warned about medical device security problems with the BeaconMedaes TotalAlert Scroll medical air systems. An attacker could exploit vulnerabilities in the Scroll medical air system web application to view and...

Health IT Security Weakness Found by ONC Challenge Winner

by Fred Donovan

The Secure API Server Showdown Challenge stage 2 winner, 1upHealth, was able to uncover a health IT security weakness in a Fast Healthcare Interoperability Resources (FHIR) server database, announced the HHS Office of the National...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...