Healthcare Information Security

EHR Ransomware

Patient Data Exposure Possibly Impacts 15K at FL Center

July 20, 2017 - On May 5, 2017, Tampa Bay Surgery Center was made aware of a security incident in which certain patient data was posted to a public online file-sharing site by an unauthorized third party. Law enforcement informed the healthcare center that the information was posted the day prior. A Twitter user claiming to be the unauthorized party had obtained the file and included a link to the file on...


More Articles

Top 3 Essentials in Preparing for Ransomware Attacks

by Elizabeth Snell

With each week seeming to bring in a report of a new ransomware attack, healthcare organizations cannot afford to assume that this type of cybersecurity issue will never affect them. Preparing for ransomware attacks in the healthcare industry...

UC Davis Health System Phishing Attack Potentially Impacts 15K

by Kate Monica

On May 15, 2017, UC Davis Health suffered a potential security breach when a phishing email was sent to an employee. Through the phishing email, hackers gained access to the employee’s account and posed as the account owner to send emails...

NH-ISAC Issues Petya Ransomware Vaccine, Mitigation

by Elizabeth Snell

The National Health Information Sharing and Analysis Center (NH-ISAC) announced that it had a Petya ransomware vaccine, and also discussed mitigation tactics that organizations can follow to minimize the potential risk of infection. Entities...

Saint Thomas Health Data Breach from Misplaced Documents

by Kate Monica

In April, Saint Thomas Health discovered a potential health data breach involving patient information at its facility in Murfreesboro, Tennessee. The breach potentially impacted 2,859 Saint Thomas patients, the organization said in an online...

Health System, Pharma Firm Report Cybersecurity Incidents

by Elizabeth Snell

Pennsylvania-based Heritage Valley Health System (HVHS) reported that it had experienced a cybersecurity incident on June 27, 2017. While HVHS did not specifically identify the type of ransomware attack, it said that it was “identified...

US-CERT Warns of Petya Ransomware, Microsoft Vulnerabilities

by Elizabeth Snell

Using unpatched and unsupported software may increase the risk of being affected by malicious software, such as Petya ransomware infections, according to the Department of Homeland Security’s (DHS) US Computer Emergency Readiness Team (US-CERT)....

Airway Oxygen Ransomware Attack May Affect PHI of 500K

by Elizabeth Snell

Michigan-based Airway Oxygen, Inc. is notifying patients that their PHI may have been involved in a ransomware attack that took place earlier this year. The medical equipment supply company explained in its notification letter to individuals...

Key Ransomware Prevention Measures in Recent Executive Order

by Elizabeth Snell

An executive order signed by the president in May 2017 has important guidelines and priorities organizations can follow to improve their cybersecurity, including instilling stronger ransomware prevention, according to a blog post by UC Berkeley...

Regular Data Backups Key in Ransomware Prevention, Response

by Elizabeth Snell

Regular system backups and verification is the most effective approach in ransomware prevention and response, according to the Software Engineering Institute (SEI) at Carnegie Mellon University. Backups need to be stored on separate systems that...

Security Patches Critical in Ransomware Prevention Measures

by Elizabeth Snell

Healthcare organizations can take protective actions in their approach to ransomware prevention, such as implementing regular software updates and security patches, according to the ECRI Institute. There are also critical differences in protecting...

Utilizing Strong Cyber Hygiene for Ransomware Preparation

by Elizabeth Snell

The WannaCry ransomware attack was a wakeup call for healthcare organizations across the globe, especially with the UK’s National Health Service being severely impacted from the attack. This is further proof why strong cyber hygiene is...

Texas Hospital Email Hack Exposes PHI of over 8K Patients

by Kate Monica

On February 21, 2017, an unauthorized individual accessed an employee email account containing PHI at Hill Country Memorial Hospital in Fredericksburg, Texas. Hill Country stated the email hack appears to be the result of intentional criminal...

HHS Reiterates OCR Ransomware Guidance after Recent Attack

by Elizabeth Snell

The WannaCry ransomware attack should serve as a strong reminder to healthcare organizations to maintain necessary data security measures, including proper employee training. Adhering to the OCR ransomware guidance will also help covered entities...

Medical Devices Reportedly Infected in Ransomware Attack

by Elizabeth Snell

The recent WannaCry ransomware attack that infiltrated more than 150 countries and forced some European healthcare organizations to suspend certain services reportedly infected certain medical devices as well. HITRUST explained in an email update...

HHS Urges Caution in Wake of WannaCry Ransomware Attack

by Elizabeth Snell

UPDATE: HHS released an additional update on May 15 with new details regarding the ransomware attack. Last week, multiple countries around the world reported falling victim to the WannaCry ransomware attack. Numerous hospitals and healthcare...

PHI Security of 20K Possibly Affected from RI Laptop Theft

by Kate Monica

On February 25, 2017, Lifespan Corporation suffered a possible healthcare data breach in which an employee’s laptop was stolen. The theft occurred when an individual broke into an employee’s car and stole several items, including...

50% of Industry Incidents from Healthcare Ransomware Attacks

by Elizabeth Snell

Half of the reported healthcare data security incidents from October 2015 to September 2016 stemmed from healthcare ransomware attacks, according to a recent NTT Security report. The NTT Security 2017 Global Threat Intelligence Report found that...

Stolen, Unencrypted Drive Causes Data Security Concern for 15K

by Kate Monica

Western Health Screening (WHS) recently issued a letter notifying individuals of a possible data security breach in which a WHS-owned vehicle containing an unencrypted jump drive was stolen. The jump drive contained the personal information of...

NY Computer Virus Raises Healthcare Data Security Concerns

by Kate Monica

Erie County Medical Center (ECMC) has been battling a computer virus that was discovered on its computer system early Sunday morning, causing concern over the organization’s healthcare data security. The hospital has voluntarily shut down...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks