Healthcare Information Security

Cybersecurity in Healthcare

9 Cybersecurity Vulnerabilities Found in Philips E-Alert Tool

by Fred Donovan

Nine cybersecurity vulnerabilities have been found in the Philips e-Alert Unit, a tool that monitors MRI system performance, according to an Aug. 30 ICS-CERT advisory. Attackers could exploit these vulnerabilities to compromise user...

For ASCs, Size Matters When It Comes to Healthcare Cybersecurity

by Fred Donovan

For ambulatory surgery centers (ASCs), healthcare cybersecurity challenges and responses are different depending on the size of the operation, observed Tom Hui, founder of SurgiCenter Information Systems and CEO of HSTpathways. Hui noted...

Qualcomm’s Medical Gateway Has Critical Cybersecurity Vulnerability

by Fred Donovan

Qualcomm Life’s Capsule Datacaptor Terminal Server, a medical gateway device, has a critical cybersecurity vulnerability in its code that could enable an attacker to obtain administrator-level privileges, ICS-CERT warned in an...

Wireless Infusion Pumps Could Increase Cybersecurity Vulnerability

by Fred Donovan

Wirelessly connecting infusion pumps to point-of-care medication systems and EHRs improves healthcare delivery but also increases cybersecurity vulnerability, warned NIST and the National Cybersecurity Center of Excellence (NCCoE) in a new...

Critical Cybersecurity Vulnerability Found in BD Alaris Plus Pump

by Fred Donovan

The BD Alaris Plus medical syringe pump has a critical cybersecurity vulnerability that could enable an attacker to gain remote access to the pump and affect its operation when it is connected to a terminal server via the serial port, BD...

Philips IntelliVue Information Center Hit By Cybersecurity Vulnerability

by Fred Donovan

Philips IntelliVue Information Center iX central patient monitoring system has a cybersecurity vulnerability that could result in the operating system becoming unresponsive due to a network attack, the ICS-CERT warned in an August 21...

Philips Delays Fix for Cardiograph Cybersecurity Vulnerabilities

by Fred Donovan

Philips does not intended to fix cybersecurity vulnerabilities in its PageWriter Cardiograph devices, which could allow attackers to modify settings on the devices, until mid-year 2019, according to an August 16 advisory from...

Cybersecurity Vulnerabilities Lurk in Philips IntelliSpace System

by Fred Donovan

ICS-CERT is warning about cybersecurity vulnerabilities in Philips’ IntelliSpace Cardiovascular (ISCV) cardiac image and information management systems that could enable an attacker to escalate privileges on the ISCV server and...

McAfee Uncovers Cybersecurity Vulnerabilities in Patient Monitors

by Fred Donovan

McAfee Labs has discovered cybersecurity vulnerabilities in a protocol used by patient monitors to communicate with central monitoring stations. If hackers could exploit the weakness in the RWHAT protocol used by connected medical devices...

Medtronic Criticized for Lax Medical Device Security Response

by Fred Donovan

Researchers Billy Rios and Jonathan Butts criticized Medtronic’s response to medical device security issues in its products during a presentation at the BlackHat security conference held last week in Las Vegas. The researchers said...

ICS-CERT Flags Medtronic Devices for Cybersecurity Vulnerabilities

by Fred Donovan

A Medtronic patient monitor and an insulin pump were flagged this week by ICS-CERT for cybersecurity vulnerabilities that could expose sensitive data to attackers. The Medtronic MyCareLink patient monitor suffers from insufficient...

Man Convicted of DDoS Attack Against Boston Children’s Hospital

by Fred Donovan

Martin Gottesfeld of Somerville, Massachusetts, was convicted by a federal jury of carrying out a DDoS attack against Boston Children’s Hospital and against Wayside Youth and Family Support Network, the Department of...

SamSam Ransomware Attacks Net Creator $6M So Far

by Fred Donovan

SamSam ransomware attacks, which have targeted healthcare organizations, has netted its creator $6 million so far, according to a recent report by security firm Sophos. Three-quarters of the victims are based in the United States, and the...

Accidents Were Most Frequent Cause of Healthcare Data Breaches

by Fred Donovan

In the second quarter of 2018, the most frequent cause of healthcare data breaches was accidental disclosures, according to incidents reported to the Beazley Breach Response Services team.  Accidental disclosures made up 38 percent...

Half of US Adults Are Anxious About Healthcare Data Security

by Fred Donovan

Around half of US adults (49%) are extremely or very concerned about their healthcare data security, such as diagnoses, health history, and test results, according to a survey of more than 2,000 US adults by The Harris Poll on behalf of...

CMS Would Drop Security Risk Analysis from Interoperability Score

by Fred Donovan

CMS is proposing that the Protect Patient Health Information objective and its associated measure, security risk analysis, would no longer be scored as a measure but would act as a prerequisite for a participating clinician to earn any...

HHS Fails To Fix Cybersecurity Vulnerabilities, Putting PHI At Risk

by Fred Donovan

HHS has failed to remedy cybersecurity vulnerabilities in its systems that could put PHI at risk, warned the GAO in a report released July 25. The GAO cited problems at CMS that threaten to compromise Medicare beneficiary data and the...

C-Suite May Lack Awareness of Healthcare Supply Chain Risk

by Fred Donovan

A majority of healthcare industry respondents think their organization’s leadership may lack awareness of healthcare supply chain risk, according to a survey by Vanson Bourne on behalf of endpoint security firm CrowdStrike. A full...

Despite Flashy Attacks, Healthcare Ransomware Attacks Decline

by Fred Donovan

Even with some well-publicized ransomware attacks against healthcare organizations this year, such as Allscripts and LabCorp, healthcare ransomware attacks are on the decline, according to the latest analysis by cybersecurity firm...

Strong Healthcare Data Security Needed for EHR Use in Clinical Trials

by Fred Donovan

The FDA is recommending that organizations and individuals conducting clinical investigations have strong healthcare data security and privacy controls in place when using EHR data for agency-regulated research. In its recently issued Use...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...