Healthcare Information Security

EHR Security

29K Impacted by SSM Health Data Breach from Unauthorized Access

January 4, 2018 - St. Louis, Missouri-based SSM Health recently reported that it experienced a potential data breach after an employee accessed patient records without authorization. The access occurred between February 13, 2017 and October 20, 2017 when the employee was working in the customer service call center, according to SSM Health. At the time, the employee had PHI access to perform regular job functions....


More Articles

Applying US-CERT IoT Security Best Practices to Healthcare

by Elizabeth Snell

The Internet of Things (IoT) is quickly becoming integrated into the daily operations of numerous organizations, which means that entities need to keep IoT security a top priority, according to the US Computer Emergency Readiness Team (US-CERT)....

73 Percent of Medical Professionals Share Passwords for EHR Access

by Kate Monica

A recent study examined the prevalence of password sharing among healthcare providers and found nearly three-quarters of surveyed medical professionals have used another staff member’s password to obtain EHR access at work. The study by...

EHRA: Health Data Sharing Not Aided with Regulatory Penalties

by Elizabeth Snell

Advocating for penalizations for providers and EHR developers is the wrong approach for encouraging health data sharing, according to a recent EHR Association (EHRA) blog post. Written in response to a Health Affairs post by former ONC Chief...

Improper Disposal Creates PHI Security Concern for 1.8K

by Kate Monica

On June 16, the Texas Health and Human Services Commission (HHSC) notified patients of a recent potential security breach that may have involved the PHI of 1,842 residents of the Houston area. The incident was discovered when a box of forms containing...

Unauthorized EHR Access Potentially Exposes 14K Records

by Kate Monica

On February 27, 2017, the Diamond Institute for Infertility and Menopause discovered a potential data breach in which an unauthorized individual gained access to a third-party server containing patient EHRs. While the patient EHRs and the database...

Effects of Patient Distrust on Health Data Exchange Security

by Kate Monica

In a recent survey, Black Book polled a national panel of over 12,000 consumers to gauge patient interaction with technology and their perception of the usefulness of these technologies. The organization found that 57 percent of respondents are...

Healthcare Web Application Attacks Increase in Past Year

by Elizabeth Snell

There has been a 14 percent increase in overall web application attacks from Q1 2016 to Q2 2016, while healthcare web application attacks have also increased in the past year, according to recent research from Akamai. DDoS attacks also increased...

DoD Wants Army EHR Security Audit, Security Protocol Review

by Elizabeth Snell

The Department of Defense plans to investigate whether or not the Army implemented effective security protocols to protect electronic health records through an EHR security audit, set to be performed in August 2016. The DoD Inspector General...

Stolen Patient Records in OH Lead to Potential PHI Breach

by Jacqueline Belliveau

An Ohio-area dental practice has notified 7,784 individuals of a potential PHI breach after patient records were stolen, reported the Office of Civil Rights on its website. In a HIPAA breach notification letter, Sunbury Plaza Dental explained...

Most Hospitals Consider EHR Security in Contingency Planning

by Elizabeth Snell

Nearly two-thirds of hospitals reported that EHR security is considered through their application of  HIPAA rules as they implement contingency planning, the Office of Inspector General found. Furthermore, when it comes to EHR contingency...

Bizmatics Healthcare Data Breach Affects Another 22K Patients

by Jacqueline Belliveau

North Ottowa Medical Group has identified a hacking incident at Bizmatics, an EHR vendor, as the source of a potential healthcare data breach, according to a press release. The Michigan-based medical group was notified by Bizmatics that servers...

EHR Data Potentially Exposed in Vendor Healthcare Data Breach

by Jacqueline Belliveau

Another medical center has reported a potential healthcare data breach stemming from a hacking incident affecting EHR vendor Bizmatics, according to a HIPAA notification letter on the ENT and Allergy Center’s website. The Office of Civil...

Improper Employee Access Creates Potential Health Data Breach

by Jacqueline Belliveau

ProMedica, a healthcare organization in Ohio, has investigated a potential healthcare data breach after discovering several employees had inappropriately accessed the private medical records for patients they were not directly treating. According...

Hackers Cause Possible Healthcare Data Breach for 40K Patients

by Jacqueline Belliveau

A Connecticut-based podiatry group is facing a possible healthcare data breach that has impacted approximately 40,491 individuals after hackers accessed network services, according to the Office of Civil Rights data breach report. An outside...

How DDoS Attack Increase May Affect Healthcare Cybersecurity

by Jacqueline Belliveau

More organizations experienced multiple distributed denial of service (DDoS) attacks in the fourth quarter of 2015, which could spell out trouble for healthcare cybersecurity measures, especially for cloud-based services. According to Akamai’s...

How Can Hospital Ransomware Policies Improve in the Industry?

by Jacqueline Belliveau

As healthcare data security incidents become more sophisticated, covered entities and their business associates are attempting to develop security procedures that better manage hospital ransomware threats. With the help of several government...

Healthcare Ransomware Cases Highlight Security Needs

by Elizabeth Snell

Healthcare ransomware issues continue to be reported, causing many industry stakeholders to refer to this type of cyber attack as one of the top concerns for 2016. Ransomware is a type of malware that typically prevents an organization from accessing...

AHA Calls for Strong Healthcare Cybersecurity Measures

by Jacqueline Belliveau

The American Hospital Association (AHA) aims to help providers develop and share approaches to developing strong healthcare cybersecurity measures through its Cybersecurity webpage, according to a recent blog post. The webpage is dedicated to...

NIST Group to Fund Healthcare ID, EHR Security Pilot Project

by Jacqueline Belliveau

The National Strategy for Trusted Identities in Cyberspace (NSTIC) National Program Office has announced a new funding opportunity for innovations in federating identity credentials across the healthcare industry and promoting EHR security, according...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks