Healthcare Information Security

Data Security

OIG Faults Maryland for Inadequate Medicaid Data Security

August 17, 2018 - The HHS Office of Inspector General (OIG) has found that Maryland’s Medicaid data security program has failed to secure sensitive data and information systems. An OIG audit released August 14 concluded that numerous, significant system vulnerabilities exist in Maryland’s Medicaid Management Information System (MMIS) because it did not implement sufficient controls over the...


More Articles

ICS-CERT Flags Medtronic Devices for Cybersecurity Vulnerabilities

by Fred Donovan

A Medtronic patient monitor and an insulin pump were flagged this week by ICS-CERT for cybersecurity vulnerabilities that could expose sensitive data to attackers. The Medtronic MyCareLink patient monitor suffers from insufficient...

Court Rejects Review of FTC Actions in LabMD Data Security Case

by Fred Donovan

A federal appeals court rejected a request by LabMD founder Michael Daugherty for a review of a previous decision that shielded FTC lawyers from allegations that they engaged in unfair enforcement action regarding the now-defunct medical...

Half of US Adults Are Anxious About Healthcare Data Security

by Fred Donovan

Around half of US adults (49%) are extremely or very concerned about their healthcare data security, such as diagnoses, health history, and test results, according to a survey of more than 2,000 US adults by The Harris Poll on behalf of...

CISOs Stockpile Cryptocurrency in Case of Ransomware Attack

by Fred Donovan

The threat of a ransomware attack has led nearly three-quarters of CISOs to stockpile cryptocurrency to pay cybercriminals, according to survey of 1,700 IT, security, and business leaders in the United States, the UK, and Germany by...

C-Suite May Lack Awareness of Healthcare Supply Chain Risk

by Fred Donovan

A majority of healthcare industry respondents think their organization’s leadership may lack awareness of healthcare supply chain risk, according to a survey by Vanson Bourne on behalf of endpoint security firm CrowdStrike. A full...

FTC Wants Expanded Authority in Data Security, Privacy

by Fred Donovan

While HHS is the primary federal agency that enforces HIPAA Security and Privacy Rules, the FTC has expanded its enforcement activities in data security and privacy, including taking on now-defunct medical testing firm LabMD over poor data...

Response to Spectre, Meltdown Cybersecurity Vulnerabilities Queried

by Fred Donovan

US lawmakers want answers from the Software Engineering Institute’s (SEI) CERT Coordination Center (CERT-CC) to questions about the industry's response to the Spectre and Meltdown cybersecurity vulnerabilities disclosed in...

Insider Health Data Security Threats Bigger Concern than External

by Fred Donovan

Many healthcare professionals are more concerned about insider threats to health data security than external breaches, according to a survey by HIMSS on behalf of SailPoint. There is an acute level of concern about the threats posed...

Some Healthcare Firms Struggle To Comply with EU Data Privacy Rule

by Fred Donovan

Around one-third of healthcare organizations are still “on the journey” to comply with the EU's General Data Protection Regulation (GDPR), even though the GDPR took effect May 25, according to a cross-industry global survey...

Court Dismisses FTC Order on LabMD’s Data Security Lapses

by Fred Donovan

In a long anticipated ruling, a federal appeals court has thrown out a Federal Trade Commission (FTC) order directing the now-defunct medical testing firm LabMD to overhaul its data security program. In 2013, the FTC filed a complaint...

Taking a Practical Approach to Healthcare Data Security

by Bill Kleyman

Let’s be honest. If you start to discuss all the various aspects of healthcare data security, it’s easy to get overwhelmed quickly. There are so many parts and pieces when it comes to working with proper healthcare security...

Data on 500K Patients Exposed in LifeBridge Healthcare Data Breach

by Fred Donovan

LifeBridge Health, a healthcare provider located in northwest Baltimore, has notified more than 500,000 patients that their personal information may have been exposed in a September 2016 healthcare data breach, the provider said in a...

45,000 Patient Records Exposed in Nuance Healthcare Data Breach

by Fred Donovan

Nuance, a Burlington, Mass.-based provider of speech recognition software, said in a May 10 SEC filing that a healthcare data breach occurred when an unauthorized third party gained access to 45,000 patient records hosted on one of its...

Cyberattackers Exploiting Weaknesses in Healthcare Data Security

by Fred Donovan

Cyberattackers are exploiting inherent weaknesses in healthcare data security, making the sector the most targeted industry in the first quarter of 2018, according to Rapid7’s quarterly threat report released May 15. The Rapid7...

Healthcare Data Security Key Part of NIH All of Us Program

by Fred Donovan

Healthcare data security is a key component of the National Institutes of Health (NIH)-sponsored All of Us precision medicine research program, said Program Director Eric Dishman in opening the national enrollment for the...

Philips CT Scanner Cybersecurity Vulnerabilities Pose PHI Risk

by Fred Donovan

Cybersecurity vulnerabilities in Philips Brilliance CT scanners could be exploited by an attacker to steal protected health information (PHI) and other sensitive data files, warned the Industrial Control Systems Cyber Emergency Response...

Top 5 Healthcare Data Security, Infrastructure Threats

by Bill Kleyman

We’ve had the chance to discuss all of the amazing new solutions and technologies impacting the healthcare world, as well as healthcare data security. We know that IoT, telemedicine, and new healthcare services are all...

Employee Fired for HIPAA Violation Gets Personal Data from Agency

by Fred Donovan

Tracy Ryans, a former employee of the Texas Health and Human Services Commission fired for an alleged HIPAA violation, recently received a box full of state assistance applications chock full of personal information from her former...

Healthcare Industry Scores Low on Data Security Knowledge

by Fred Donovan

The healthcare industry is one of the worst when it comes to data security knowledge, according to data from Wombat Security’s learning management system. Customers in the healthcare industry answered 23 percent of IT security...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks