Healthcare Information Security

EHR Security

Zero-Day Virus Forces EHR Downtime at 21 Health Science North Hospitals

January 18, 2019 - The computer system of Sudbury, Ontario-based Health Sciences North was infected by a zero-day virus, driving officials to shut down its EHR to contain the infection, according to local news outlet CBC Radio-Canada. Staff at the Sudbury Hospital discovered the hack on Thursday morning, prompting the system downtime to prevent the virus from spreading. Dominic Giroux, Health Sciences...


More Articles

DoD Health Agency Security Flaws Put Patient Data at Risk, OIG Finds

by Jessica Davis

The Department of Defense Health Agency (DHA) failed to consistently implement security measures to protect the systems that stored, processed, and transmitted electronic health record and patient information, according to a DoD...

Malware Attack on BJC Healthcare Breaches Credit Card Data

by Jessica Davis

The patient portal of Missouri-based BJC Healthcare was hacked with malware, which potentially intercepted the credit and debit card numbers of 5,850 patients. According to officials, the breach was discovered on November 19. An...

The 10 Biggest U.S. Healthcare Data Breaches of 2018

by Jessica Davis

The threat landscape has continued to evolve throughout the year, with hackers ramping up targeted, sophisticated attacks. Ransomware continued to plague the healthcare sector, while phishing attacks and insider errors led to some of the...

Most US Consumers Worry about Electronic Health Records Breach

by Fred Donovan

A full 80 percent of 1,000 US consumer surveyed by Unisys are concerned that hackers could access their electronic health records (EHRs) at their healthcare provider. Breaking that down, 14 percent are very concerned about an EHR breach,...

Cass Diverts Patients, Shuts Down EHR Due to Ransomware Attack

by Fred Donovan

Cass Regional Medical Center in Harrisonville, Missouri, has diverted trauma and stroke patients and shut down its EHR system due to a ransomware attack, the hospital said in a July 9 statement on its website. Cass became aware of the...

Navy, USAF Could Face HIPAA Violation Fines for Lax EHR Security

by Fred Donovan

The US Navy and US Air Force have poor security practices for their electronic health record (EHR) systems and could face millions of dollars in HIPAA violation fines if action is not taken to correct these problems, warned the Department...

Stakeholders Desire Clarification on Secure Data Exchange in TEFCA

by Elizabeth Snell

ONC must further clarify secure data exchange aspects in its Trusted Exchange Framework and Common Agreement (TEFCA) draft, and also explain how HIPAA regulations will apply, according to industry stakeholders. One of the TEFCA principles...

Healthcare Cybersecurity Threats Hinder HIT Development

by Elizabeth Snell

Healthcare organizations across the globe are working to adopt and deploy EHRs without opening themselves up to interoperability issues, healthcare cybersecurity threats, and HIT infrastructure problems, according to a recent Black Book...

Why Providers Need a Disaster Recovery Plan for EHR Security

by Elizabeth Snell

Whether healthcare providers are working to prepare for potential natural disasters like hurricanes or manmade cybersecurity issues (i.e., ransomware attacks, insider data breaches) having a disaster recovery plan is essential. Entities...

29K Impacted by SSM Health Data Breach from Unauthorized Access

by Elizabeth Snell

St. Louis, Missouri-based SSM Health recently reported that it experienced a potential data breach after an employee accessed patient records without authorization. The access occurred between February 13, 2017 and October 20, 2017 when...

Applying US-CERT IoT Security Best Practices to Healthcare

by Elizabeth Snell

The Internet of Things (IoT) is quickly becoming integrated into the daily operations of numerous organizations, which means that entities need to keep IoT security a top priority, according to the US Computer Emergency Readiness Team...

73 Percent of Medical Professionals Share Passwords for EHR Access

by Kate Monica

A recent study examined the prevalence of password sharing among healthcare providers and found nearly three-quarters of surveyed medical professionals have used another staff member’s password to obtain EHR access at work. The...

EHRA: Health Data Sharing Not Aided with Regulatory Penalties

by Elizabeth Snell

Advocating for penalizations for providers and EHR developers is the wrong approach for encouraging health data sharing, according to a recent EHR Association (EHRA) blog post. Written in response to a Health Affairs post by former ONC...

Improper Disposal Creates PHI Security Concern for 1.8K

by Kate Monica

On June 16, the Texas Health and Human Services Commission (HHSC) notified patients of a recent potential security breach that may have involved the PHI of 1,842 residents of the Houston area. The incident was discovered when a box of...

Unauthorized EHR Access Potentially Exposes 14K Records

by Kate Monica

On February 27, 2017, the Diamond Institute for Infertility and Menopause discovered a potential data breach in which an unauthorized individual gained access to a third-party server containing patient EHRs. While the patient EHRs and the...

Effects of Patient Distrust on Health Data Exchange Security

by Kate Monica

In a recent survey, Black Book polled a national panel of over 12,000 consumers to gauge patient interaction with technology and their perception of the usefulness of these technologies. The organization found that 57 percent of...

Healthcare Web Application Attacks Increase in Past Year

by Elizabeth Snell

There has been a 14 percent increase in overall web application attacks from Q1 2016 to Q2 2016, while healthcare web application attacks have also increased in the past year, according to recent research from Akamai. DDoS attacks also...

DoD Wants Army EHR Security Audit, Security Protocol Review

by Elizabeth Snell

The Department of Defense plans to investigate whether or not the Army implemented effective security protocols to protect electronic health records through an EHR security audit, set to be performed in August 2016. The DoD Inspector...

Stolen Patient Records in OH Lead to Potential PHI Breach

by Jacqueline LaPointe

An Ohio-area dental practice has notified 7,784 individuals of a potential PHI breach after patient records were stolen, reported the Office of Civil Rights on its website. In a HIPAA breach notification letter, Sunbury Plaza Dental...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...