Healthcare Information Security

Data Breach Response Plan

Allscripts Ransomware Attack Impacts Limited Number of Applications

January 19, 2018 - An Allscripts ransomware attack was reported on January 18, 2018, with certain applications made inaccessible. An Allscripts user reported to HIStalk that InfoButton, regulatory reporting, clinical decision support, direct messaging, and Payerpath were all down as of the morning of January 18. Allscripts reported on the same day on its e-prescription login page that EPCS functionality was...


More Articles

NC Data Breach Legislation Accounts for Ransomware Attacks

by Elizabeth Snell

Following an increase in reported state data breaches in 2017, North Carolina’s attorney general and a state representative introduced data breach legislation to better protect individuals. The updated Act to Strengthen Identity Theft Protections...

Are Orgs Filling Necessary Healthcare Cybersecurity Roles?

by Elizabeth Snell

Without the right healthcare cybersecurity roles being filled at covered entities, it can be more difficult for organizations to ensure that sensitive data remains secure. Along with CISOs, privacy officers, and compliance officers, entities...

5 Tips for a Strong Healthcare Data Breach Response

by Bill Kleyman

No one wants to experience an active security situation. A data breach will result in numerous sleepless nights, big expenses, and lots of lost confidence. The challenge, however, is that healthcare data is just so valuable. In the 2017 Ponemon...

Senator Urges Prompt Data Breach Disclosure in Recent Bill

by Elizabeth Snell

Florida Senator Bill Nelson introduced legislation toward the end of November 2017 that would require organizations to adhere to a more prompt data breach disclosure process. Companies that do not follow the requirements and attempt to deliberately...

Survey Shows US Cybersecurity Attacks Costing Orgs More Money

by Elizabeth Snell

More US-based organizations are investing in their IT security and physical security measures, but the costs of cybersecurity attacks are still on the rise, according to recent research. CSO, the CERT Division of the Software Engineering...

HIPAA Info Included in Updated MD Data Breach Notification Law

by Elizabeth Snell

Maryland has updated its data breach notification law, with information protected under HIPAA to be included under the definition of personal information. Should that data be compromised in a data breach, state organizations will need to notify...

Single National Data Breach Notification Standard Proposed

by Elizabeth Snell

A recently proposed bill calls for a single national data breach notification standard, which would replace the existing state notification laws and “clarify and strengthen” organizations’ reporting obligations. Rhode Island...

Recent Aetna Data Breach Leads to Class Action Lawsuit

by Elizabeth Snell

A federal class action lawsuit was recently filed against Aetna after it reportedly experienced a data breach that may have affected thousands of individuals. The Legal Action Center, AIDS Law Project of Pennsylvania, and Berger &...

HIMSS Stresses Proactive Healthcare Cybersecurity Measures

by Elizabeth Snell

Regular risk assessments, updating business continuity plans, and implementing a cybersecurity framework are all key ways for providers to follow a proactive healthcare cybersecurity approach, according to HIMSS Director of Privacy and Security...

DE Data Breach Notification Law Includes Medical Information

by Elizabeth Snell

Delaware Governor John Carney signed a bill last week to update the state’s data breach notification requirements. As part of extending cybersecurity protections, the law accounts for medical information being compromised in data breaches....

Creating a Healthcare Security Incident Reporting Process

by Clyde Hewitt of CynergisTek

With the recent wave of ransomware attacks, hacking attempts, and unauthorized disclosures, healthcare organizations have more opportunities to exercise their incident management plans. Unfortunately, these same organizations are learning the...

$115M Settlement Proposed in Anthem Data Breach Case

by Elizabeth Snell

Plaintiffs in the Anthem data breach litigation case recently filed a $115 million settlement proposal, which would also require the healthcare provider to guarantee a certain level of funding for information security. Anthem would also need...

TN Updates Data Breach Notification Law for Encrypted Data

by Elizabeth Snell

Any person or business that conducts business in Tennessee is only required give data breach notification if the information acquired was unencrypted, according to a recently passed amendment. Amended Senate Bill 547 states that encrypted data...

Encryption Aspect Amended in CA Data Breach Notification Law

by Elizabeth Snell

Starting in 2017, data breach notification will be required for instances when encrypted personal information of California residents has been breached and certain conditions are met, according to a recently amended state law. Previously, California’s...

FTC Releases Data Breach Response Guidance for Businesses

by Elizabeth Snell

The Federal Trade Commission (FTC) outlines the steps that businesses should take if they suspect that they have fallen victim to a data breach in a recently released data breach response guide and accompanying video. Along with securing physical...

Companies Lacking Confidence in Data Breach Preparedness

by Elizabeth Snell

More organizations are implementing data breach preparedness plans, but a recent survey showed that those same companies are not entirely confident in their ability to recover from potential data security incidents. The fourth annual Is Your...

Healthcare Data Breach Costs Still Highest Among Industries

by Elizabeth Snell

The healthcare industry is no stranger to data breaches, and as technology continues to evolve, covered entities and their business associates need to be especially vigilant when it comes to keeping patient data secure. A healthcare data breach...

Are Cybersecurity Measures Improving After OPM Data Breach?

by Elizabeth Snell

Nearly one year after the large-scale OPM data breach, the majority of federal employees state that the current cybersecurity measures are unclear. A Federal News Radio survey found that over half of those surveyed - 53 percent - do not believe...

Neb. Data Breach Notification Law Clarifies Encryption Aspect

by Elizabeth Snell

Nebraska Governor Pete Ricketts signed an amended version of the state’s data breach notification law last month, which further clarifies the data encryption exemption and expands the definition of personal information. LB835 made changes...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks