Healthcare Information Security

Data Security

San Diego School District Phishing Hack Includes Health Data

December 26, 2018 - San Diego Unified School District fell victim to a phishing attack, which breached the personal data, including health information, of more than 500,000 students and staff. The hacker gained access to staff credentials using a targeted phishing attack that used emails that appeared to be authentic, but redirected users to fake login pages where hackers collected the credentials,...


More Articles

Medtronic Ventilator Recalled by FDA for Software Update

by Jessica Davis

The Food and Drug Administration released an alert about a global voluntary corrective field action on Medtronic’s Puritan Bennett 980 ventilators. The action was announced this week and began on September 19. The FDA classified the...

McLean Hospital Pays Massachusetts $75,000 for 2015 Breach

by Jessica Davis

Belmont, Massachusetts-based McLean Hospital settled with the state over its 2015 data breach, agreeing to implement new security and training and pay $75,000. The settlement will resolve claims the psychiatric hospital exposed the data...

Social Media Needs Transparent Privacy Policies for Healthcare Data

by Jessica Davis

Two healthcare leaders are calling for greater transparency and stronger laws that outline the data collection practices of social media platforms. In Applied Clinical Informatics, Carolyn Petersen, Mayo Clinic Global Business Solutions...

Third-Party Vendor Hack Breaches 48,000 Baylor Frisco Patients

by Jessica Davis

Texas-based Baylor Scott and White Medical Center-Frisco is notifying about 47,948 patients or guarantors that their payment information was exposed for a week, after a hack on its third-party vendor’s credit card processing...

Biggest Challenges, Lessons Learned from Health Cybersecurity in 2018

by Jessica Davis

The cybersecurity issues faced by the healthcare sector in 2018 aren’t much different from those in recent years. However, hackers are increasing in sophistication and steadily improving success rates. The year started off with a...

Pennsylvania Judge Rules UPMC Must Protect Employee Data

by Jessica Davis

The Pennsylvania Supreme Court ruled last week that the University of Pittsburgh Medical Center is responsible for protecting personal employee data from hackers: The latest in a lengthy class-action lawsuit filed by UPMC employees against...

176.3 Patient Records Taken in Reported Breaches Since 2009

by Jessica Davis

Hacking is less common in the healthcare sector than theft and unauthorized disclosure, but those cybercriminals stole more than half of the breached patient records from 2009 to 2017, according to a new JAMA Internal Medicine report. The...

‘Payment Notification’ Is Top Healthcare Phishing Attack Subject

by Fred Donovan

The term “Payment Notification” is the top healthcare phishing attack subject, appearing in 58 percent of healthcare phishing attack campaigns in 2018, according to the latest data from Cofense. Other popular subjects in...

NTIA Privacy Principles Plan Parallels NIST Privacy Framework Bid

by Fred Donovan

In parallel with the NIST Privacy Framework effort, the Commerce Department’s NTIA is working on a set of consumer data privacy principles. On Tuesday, it published a request for comment to get consumer and industry feedback on the...

Consumers Have Most Confidence In Physician’s Health Data Security

by Fred Donovan

A full 87 percent of consumers surveyed by Rock Health said that they had confidence in the health data security of their physician, but that number dropped to 68 percent for pharmacies and 60 percent for health insurance...

Dermatology Clinics See Rash of Healthcare Data Breaches

by Fred Donovan

A pair of dermatology clinics reported to OCR this month healthcare data breaches that exposed PHI on a total of 5,375 patients. Maryland-based Anne Arundel Dermatology told OCR on August 9 that 1,310 individuals were affected by the...

OIG Faults Maryland for Inadequate Medicaid Data Security

by Fred Donovan

The HHS Office of Inspector General (OIG) has found that Maryland’s Medicaid data security program has failed to secure sensitive data and information systems. An OIG audit released August 14 concluded that numerous, significant...

ICS-CERT Flags Medtronic Devices for Cybersecurity Vulnerabilities

by Fred Donovan

A Medtronic patient monitor and an insulin pump were flagged this week by ICS-CERT for cybersecurity vulnerabilities that could expose sensitive data to attackers. The Medtronic MyCareLink patient monitor suffers from insufficient...

Court Rejects Review of FTC Actions in LabMD Data Security Case

by Fred Donovan

A federal appeals court rejected a request by LabMD founder Michael Daugherty for a review of a previous decision that shielded FTC lawyers from allegations that they engaged in unfair enforcement action regarding the now-defunct medical...

Half of US Adults Are Anxious About Healthcare Data Security

by Fred Donovan

Around half of US adults (49%) are extremely or very concerned about their healthcare data security, such as diagnoses, health history, and test results, according to a survey of more than 2,000 US adults by The Harris Poll on behalf of...

CISOs Stockpile Cryptocurrency in Case of Ransomware Attack

by Fred Donovan

The threat of a ransomware attack has led nearly three-quarters of CISOs to stockpile cryptocurrency to pay cybercriminals, according to survey of 1,700 IT, security, and business leaders in the United States, the UK, and Germany by...

C-Suite May Lack Awareness of Healthcare Supply Chain Risk

by Fred Donovan

A majority of healthcare industry respondents think their organization’s leadership may lack awareness of healthcare supply chain risk, according to a survey by Vanson Bourne on behalf of endpoint security firm CrowdStrike. A full...

ALYN Hospital Employs Ericom Shield to Bolster Healthcare Data Security

by Fred Donovan

Israel’s ALYN Hospital recently turned to Ericom Shield to bolster its healthcare data security, particularly for its web-based communication. ALYN is an Israeli hospital for rehabilitation of children with physical, respiratory,...

FTC Wants Expanded Authority in Data Security, Privacy

by Fred Donovan

While HHS is the primary federal agency that enforces HIPAA Security and Privacy Rules, the FTC has expanded its enforcement activities in data security and privacy, including taking on now-defunct medical testing firm LabMD over poor data...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...