Healthcare Information Security

Cybersecurity in Healthcare

Cybersecurity Vulnerabilities Could Expose PHI in Heart Device

by Fred Donovan

Attackers with physical access to the Biosense Webster CARTO 3 version 4 (V4) heart imaging device could exploit cybersecurity vulnerabilities in the operating system to access protected health information (PHI) stored on the device,...

Reducing Cybersecurity Vulnerabilities Part of FDA Action Plan

by Fred Donovan

The Food and Drug Administration (FDA) is asking Congress for additional authority and funding to expand its efforts to improve medical device safety, including reducing cybersecurity vulnerabilities in devices, said FDA Commissioner Scott...

FDA Warns of Cybersecurity Vulnerability in Defibrillators

by Fred Donovan

Hackers could exploit a cybersecurity vulnerability in implantable cardiac defibrillators made by Abbott Laboratories (formerly St. Jude Medical) and endanger patient safety, according to a safety communication from the Food and Drug...

NIST Unveils Latest Version of Its Popular Cybersecurity Framework

by Fred Donovan

The National Institute of Standards and Technology (NIST) recently released version 1.1 of its popular Cybersecurity Framework, which incorporates feedback received from public comments and workshops during 2016 and 2017. Version 1.1...

SamSam Ransomware Attackers Target Healthcare Providers

by Fred Donovan

So far this year, there have been at least eight cyberattacks on healthcare and government organizations employing the SamSam ransomware, the Department of Health and Human Services (HHS) said in a report released March 30. SamSam...

Healthcare Industry Worst in Stopping Insider Data Breaches

by Fred Donovan

The healthcare industry is the worst when it comes to stopping insider data breaches, according to Verizon’s 2018 Data Breach Investigations Report (DBIR) released April 10. The report found that the healthcare industry was the only...

ICS-CERT Flags Philips, GE Medical Device Vulnerabilities

by Fred Donovan

Dutch healthcare technology giant Philips is reporting medical device vulnerabilities in its iSite and IntelliSpace PACS medical imaging archiving communications systems as well as its Alice 6 polysomnography system, according to security...

Survey Finds Lax Patching Practices Feed Healthcare Data Breaches

by Fred Donovan

Patching vulnerabilities in your systems and applications is one of the most important steps you can take to prevent a healthcare data breach at your organization. Yet, a majority of security professionals in the healthcare and...

Healthcare Pros Worry about Data Security at Other Organizations

by Fred Donovan

Many healthcare professionals are conflicted when it comes to data security. More than three-fourths of 122 healthcare professionals surveyed by security vendor Venafi at HIMSS18 are worried about healthcare data security, yet 68 percent...

Preparing for a Potential Healthcare Data Breach Investigation

by Elizabeth Snell

A current and comprehensive risk management plan, including a good auditing process, will be critical for organizations that must deal with a healthcare data breach investigation. Covered entities and business associates will be better...

Threat Intelligence Sharing Essential for Healthcare Cybersecurity

by Elizabeth Snell

The National Health Information Sharing and Analysis Center (NH-ISAC) constantly stresses the need for threat intelligence sharing in the healthcare sector, especially as cybersecurity threats grow increasingly...

Improving Cybersecurity Response in Healthcare Organizations

by Elizabeth Snell

Organizations must have the right staff members in place who are properly trained, and also have appropriate technical tools to ensure that a proper cybersecurity response can occur following a data security incident. Healthcare entities...

NH-ISAC, Anomali Partner to Improve Secure Healthcare Data Sharing

by Elizabeth Snell

Having a more seamless secure healthcare data sharing process is at the driving factor behind the National Health Information Sharing and Analysis Center (NH-ISAC) and Anomali recently partnering together. The organizations want...

Stronger Healthcare Cyber Hygiene Can Improve Patient Safety

by Elizabeth Snell

HHS’ Office of Inspector General (OIG) should create an exemption allowing donations of training/education services, software, and technology to improve healthcare cyber hygiene, according to the Association for Executives in...

Insufficient Staffing, Education Hinders Healthcare Cybersecurity

by Elizabeth Snell

Hospitals and payer organizations could make major strides in improving their healthcare cybersecurity measures by hiring the right staff members and by implementing comprehensive employee education and training, according to a Merlin...

Focusing on Healthcare Data Privacy with Information Governance

by Elizabeth Snell

Healthcare data privacy and security is one of the top industry challenges, but a comprehensive and holistic information governance (IG) program can be essential in overcoming it. Information governance is not often considered with...

Healthcare Ransomware, Data Breaches Represent Top Industry Threats

by Elizabeth Snell

For the second straight year, healthcare data breaches were cited as a top threat to the industry, according to the annual HIMSS Cybersecurity Survey. Healthcare ransomware and malware that steals credentials are also key worry areas for...

Healthcare Risk Assessments Key Driver for Security Investments

by Elizabeth Snell

More providers are adopting cybersecurity frameworks and prioritizing risk assessment, according to the third annual Symantec and HIMSS Analytics HIT Security and Risk Management Study. However, organizations are still underinvesting in...

Hospitals Continue to Value Healthcare Cybersecurity, Patient Safety

by Elizabeth Snell

Vendor and healthcare leadership teams have differing IT priorities for 2018, according to the 2018 HIMSS U.S. Leadership and Workforce Survey. Hospitals are honing in on healthcare cybersecurity and data privacy needs, while vendors...

Weak Healthcare Cybersecurity Employee Training Affects IT Security

by Elizabeth Snell

Covered entities must ensure that staff members at all levels receive regular and comprehensive healthcare cybersecurity employee training. This is a HIPAA requirement but is also critical to keeping the workforce up to date on evolving IT...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...