Healthcare Information Security

Data Security

Some Healthcare Firms Struggle To Comply with EU Data Privacy Rule

June 13, 2018 - Around one-third of healthcare organizations are still “on the journey” to comply with the EU's General Data Protection Regulation (GDPR), even though the GDPR took effect May 25, according to a cross-industry global survey of 3,958 IT leaders by Harvey Nash and KPMG. The good news is that 67 percent of healthcare organizations have completed or mostly completed their GDPR...


More Articles

Court Dismisses FTC Order on LabMD’s Data Security Lapses

by Fred Donovan

In a long anticipated ruling, a federal appeals court has thrown out a Federal Trade Commission (FTC) order directing the now-defunct medical testing firm LabMD to overhaul its data security program. In 2013, the FTC filed a complaint against...

Taking a Practical Approach to Healthcare Data Security

by Bill Kleyman

Let’s be honest. If you start to discuss all the various aspects of healthcare data security, it’s easy to get overwhelmed quickly. There are so many parts and pieces when it comes to working with proper healthcare security it’s...

Data on 500K Patients Exposed in LifeBridge Healthcare Data Breach

by Fred Donovan

LifeBridge Health, a healthcare provider located in northwest Baltimore, has notified more than 500,000 patients that their personal information may have been exposed in a September 2016 healthcare data breach, the provider said in a statement...

45,000 Patient Records Exposed in Nuance Healthcare Data Breach

by Fred Donovan

Nuance, a Burlington, Mass.-based provider of speech recognition software, said in a May 10 SEC filing that a healthcare data breach occurred when an unauthorized third party gained access to 45,000 patient records hosted on one of its medical...

Cyberattackers Exploiting Weaknesses in Healthcare Data Security

by Fred Donovan

Cyberattackers are exploiting inherent weaknesses in healthcare data security, making the sector the most targeted industry in the first quarter of 2018, according to Rapid7’s quarterly threat report released May 15. The Rapid7 research...

Healthcare Data Security Key Part of NIH All of Us Program

by Fred Donovan

Healthcare data security is a key component of the National Institutes of Health (NIH)-sponsored All of Us precision medicine research program, said Program Director Eric Dishman in opening the national enrollment for the program. “[Data...

Philips CT Scanner Cybersecurity Vulnerabilities Pose PHI Risk

by Fred Donovan

Cybersecurity vulnerabilities in Philips Brilliance CT scanners could be exploited by an attacker to steal protected health information (PHI) and other sensitive data files, warned the Industrial Control Systems Cyber Emergency Response Team...

Top 5 Healthcare Data Security, Infrastructure Threats

by Bill Kleyman

We’ve had the chance to discuss all of the amazing new solutions and technologies impacting the healthcare world, as well as healthcare data security. We know that IoT, telemedicine, and new healthcare services are all affecting the...

Employee Fired for HIPAA Violation Gets Personal Data from Agency

by Fred Donovan

Tracy Ryans, a former employee of the Texas Health and Human Services Commission fired for an alleged HIPAA violation, recently received a box full of state assistance applications chock full of personal information from her former employer,...

Healthcare Industry Scores Low on Data Security Knowledge

by Fred Donovan

The healthcare industry is one of the worst when it comes to data security knowledge, according to data from Wombat Security’s learning management system. Customers in the healthcare industry answered 23 percent of IT security best...

FTC ‘Misconduct’ Charges Loom as Uber Health Service Launches

by Fred Donovan

Uber is being hit with additional federal penalties for “misconduct” in not reporting a major 2016 data breach at a time when it is launching its Uber Health service, which the ride-sharing company pledges will be HIPAA compliant....

How EU Data Privacy Rule Could Impact US Healthcare Providers

by Fred Donovan

US healthcare organizations that handle personal information of EU individuals will face stricter regulatory requirements and possibly hefty fines under the EU’s new data privacy rule set to take effect May 25, 2018. The General Data Protection...

VA Facility Lacking Security Risk Assessment, Security Controls

by Elizabeth Snell

The Veterans Services Adaptable Network (VSAN) at the Orlando Veterans Affairs Medical Center (VAMC) was not fully coordinated with the Office of Information and Technology (OI&T), which included not having a security risk assessment, according...

MA Data Breach Reporting Tool Aids in Notification Process

by Elizabeth Snell

Massachusetts businesses and organizations that need to complete the data breach notification process will now be able to do so through an online data breach reporting tool. Massachusetts Attorney General Maura Healey explained in a statement...

Health IT Security, FHIR Focus of ONC Secure API Server Challenge

by Elizabeth Snell

ONC is challenging healthcare stakeholders to build secure Fast Healthcare Interoperability Resources (FHIR) servers to improve health IT security and ensure that secure FHIR options are available in the future. The Secure API Server Showdown...

CO Hospital Email Breach Possibly Exposes PHI of 3.4K Families

by Kate Monica

Children’s Hospital Colorado recently informed patients of a potential security breach possibly affecting the PHI of nearly 3,400 patient families. On July 11, 2017, Children’s Colorado discovered an employee’s email account...

FTC Blogs Review Data Security, Data Breach Prevention Basics

by Elizabeth Snell

The FTC has started a blog series to help organizations better understand the agency’s approach to data security, and to ensure that entities in numerous sectors can create strong data prevention measures. Starting with the FTC’s...

Tewksbury Hospital PHI Data Breach Threatens 1K Patients

by Kate Monica

Massachusetts-based Tewksbury Hospital recently discovered evidence of an incident of unauthorized EHR access potentially creating a PHI data breach. In April of 2017, a former Tewksbury Hospital patient stated an unauthorized individual may...

Stolen, Unencrypted Drive Causes Data Security Concern for 15K

by Kate Monica

Western Health Screening (WHS) recently issued a letter notifying individuals of a possible data security breach in which a WHS-owned vehicle containing an unencrypted jump drive was stolen. The jump drive contained the personal information of...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks