Healthcare Information Security

Data Security

‘Payment Notification’ Is Top Healthcare Phishing Attack Subject

October 11, 2018 - The term “Payment Notification” is the top healthcare phishing attack subject, appearing in 58 percent of healthcare phishing attack campaigns in 2018, according to the latest data from Cofense. Other popular subjects in healthcare phishing attacks are “New Message in Mailbox” and “Attached Invoice.” Cofense (formerly PhishMe) found that 7 percent...


More Articles

NTIA Privacy Principles Plan Parallels NIST Privacy Framework Bid

by Fred Donovan

In parallel with the NIST Privacy Framework effort, the Commerce Department’s NTIA is working on a set of consumer data privacy principles. On Tuesday, it published a request for comment to get consumer and industry feedback on the...

Consumers Have Most Confidence In Physician’s Health Data Security

by Fred Donovan

A full 87 percent of consumers surveyed by Rock Health said that they had confidence in the health data security of their physician, but that number dropped to 68 percent for pharmacies and 60 percent for health insurance...

Dermatology Clinics See Rash of Healthcare Data Breaches

by Fred Donovan

A pair of dermatology clinics reported to OCR this month healthcare data breaches that exposed PHI on a total of 5,375 patients. Maryland-based Anne Arundel Dermatology told OCR on August 9 that 1,310 individuals were affected by the...

OIG Faults Maryland for Inadequate Medicaid Data Security

by Fred Donovan

The HHS Office of Inspector General (OIG) has found that Maryland’s Medicaid data security program has failed to secure sensitive data and information systems. An OIG audit released August 14 concluded that numerous, significant...

ICS-CERT Flags Medtronic Devices for Cybersecurity Vulnerabilities

by Fred Donovan

A Medtronic patient monitor and an insulin pump were flagged this week by ICS-CERT for cybersecurity vulnerabilities that could expose sensitive data to attackers. The Medtronic MyCareLink patient monitor suffers from insufficient...

Court Rejects Review of FTC Actions in LabMD Data Security Case

by Fred Donovan

A federal appeals court rejected a request by LabMD founder Michael Daugherty for a review of a previous decision that shielded FTC lawyers from allegations that they engaged in unfair enforcement action regarding the now-defunct medical...

Half of US Adults Are Anxious About Healthcare Data Security

by Fred Donovan

Around half of US adults (49%) are extremely or very concerned about their healthcare data security, such as diagnoses, health history, and test results, according to a survey of more than 2,000 US adults by The Harris Poll on behalf of...

CISOs Stockpile Cryptocurrency in Case of Ransomware Attack

by Fred Donovan

The threat of a ransomware attack has led nearly three-quarters of CISOs to stockpile cryptocurrency to pay cybercriminals, according to survey of 1,700 IT, security, and business leaders in the United States, the UK, and Germany by...

C-Suite May Lack Awareness of Healthcare Supply Chain Risk

by Fred Donovan

A majority of healthcare industry respondents think their organization’s leadership may lack awareness of healthcare supply chain risk, according to a survey by Vanson Bourne on behalf of endpoint security firm CrowdStrike. A full...

ALYN Hospital Employs Ericom Shield to Bolster Healthcare Data Security

by Fred Donovan

Israel’s ALYN Hospital recently turned to Ericom Shield to bolster its healthcare data security, particularly for its web-based communication. ALYN is an Israeli hospital for rehabilitation of children with physical, respiratory,...

FTC Wants Expanded Authority in Data Security, Privacy

by Fred Donovan

While HHS is the primary federal agency that enforces HIPAA Security and Privacy Rules, the FTC has expanded its enforcement activities in data security and privacy, including taking on now-defunct medical testing firm LabMD over poor data...

Response to Spectre, Meltdown Cybersecurity Vulnerabilities Queried

by Fred Donovan

US lawmakers want answers from the Software Engineering Institute’s (SEI) CERT Coordination Center (CERT-CC) to questions about the industry's response to the Spectre and Meltdown cybersecurity vulnerabilities disclosed in...

Insider Health Data Security Threats Bigger Concern than External

by Fred Donovan

Many healthcare professionals are more concerned about insider threats to health data security than external breaches, according to a survey by HIMSS on behalf of SailPoint. There is an acute level of concern about the threats posed...

Some Healthcare Firms Struggle To Comply with EU Data Privacy Rule

by Fred Donovan

Around one-third of healthcare organizations are still “on the journey” to comply with the EU's General Data Protection Regulation (GDPR), even though the GDPR took effect May 25, according to a cross-industry global survey...

Court Dismisses FTC Order on LabMD’s Data Security Lapses

by Fred Donovan

In a long anticipated ruling, a federal appeals court has thrown out a Federal Trade Commission (FTC) order directing the now-defunct medical testing firm LabMD to overhaul its data security program. In 2013, the FTC filed a complaint...

Taking a Practical Approach to Healthcare Data Security

by Bill Kleyman

Let’s be honest. If you start to discuss all the various aspects of healthcare data security, it’s easy to get overwhelmed quickly. There are so many parts and pieces when it comes to working with proper healthcare security...

Data on 500K Patients Exposed in LifeBridge Healthcare Data Breach

by Fred Donovan

LifeBridge Health, a healthcare provider located in northwest Baltimore, has notified more than 500,000 patients that their personal information may have been exposed in a September 2016 healthcare data breach, the provider said in a...

45,000 Patient Records Exposed in Nuance Healthcare Data Breach

by Fred Donovan

Nuance, a Burlington, Mass.-based provider of speech recognition software, said in a May 10 SEC filing that a healthcare data breach occurred when an unauthorized third party gained access to 45,000 patient records hosted on one of its...

Cyberattackers Exploiting Weaknesses in Healthcare Data Security

by Fred Donovan

Cyberattackers are exploiting inherent weaknesses in healthcare data security, making the sector the most targeted industry in the first quarter of 2018, according to Rapid7’s quarterly threat report released May 15. The Rapid7...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks