Healthcare Information Security

HHS

Response to Spectre, Meltdown Cybersecurity Vulnerabilities Queried

July 18, 2018 - US lawmakers want answers from the Software Engineering Institute’s (SEI) CERT Coordination Center (CERT-CC) to questions about the industry's response to the Spectre and Meltdown cybersecurity vulnerabilities disclosed in January of this year. Meltdown is a bug that “melts” the security boundaries normally enforced by hardware. Spectre is a flaw that an attacker can...


More Articles

CHIME Says Healthcare Cybersecurity Should Be Innovation Focus

by Fred Donovan

Healthcare cybersecurity should be one focus area of a public-private workgroup that HHS is suggesting to examine healthcare innovation and investment, argued the College of Healthcare Information Management Executives (CHIME) in its comments...

Michigan Medicine Admits to Healthcare Data Breach in Laptop Theft

by Fred Donovan

University of Michigan’s Michigan Medicine announced June 25 that around 870 patients were affected by a healthcare data breach that involved the theft of an unencrypted laptop with PHI from an employee’s car. The theft occurred on...

Recent WannaCrypt Ransomware Attack Not Really Ransomware

by Fred Donovan

When you mention the word WannaCry, health IT security folks break into a cold sweat. They remember the havoc that the WannaCry ransomware attack wreaked on the healthcare industry last year. Cybercriminals claiming to be from the WannaCry-Hack-team...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by Fred Donovan

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked sufficient...

Feds Need to Do Better Job With EHR Data Security, Privacy

by Fred Donovan

The US federal government needs to do a better job at EHR data security and privacy, concluded a federal IT systems audit by the Government Accountability Office (GAO) released May 23. The federal government also must ensure privacy is guaranteed...

Judge Upholds Doc’s Conviction for Criminal HIPAA Violation

by Fred Donovan

US District Judge Mark G. Mastroianni upheld May 16 a federal jury’s earlier conviction of Rita Luthra, a Springfield, Massachusetts-based gynecologist, for a criminal HIPAA violation and obstructing a criminal healthcare investigation. ...

Massachusetts Physician Convicted of Criminal HIPAA Violation

by Fred Donovan

A federal jury has convicted Rita Luthra, a Springfield, Massachusetts-based gynecologist, of a criminal HIPAA violation and obstructing a criminal healthcare investigation, US Department of Justice (DoJ) announced April 30. DoJ alleged that...

SamSam Ransomware Attackers Target Healthcare Providers

by Fred Donovan

So far this year, there have been at least eight cyberattacks on healthcare and government organizations employing the SamSam ransomware, the Department of Health and Human Services (HHS) said in a report released March 30. SamSam ransomware...

HCCIC Releases Update on Spectre, Meltdown Cybersecurity Threats

by Elizabeth Snell

The Healthcare Cybersecurity and Communications Integration Center (HCCIC) released an update on previously discovered Spectre and Meltdown vulnerabilities that could create healthcare cybersecurity threats for organizations. The National Health...

Information Technology, Cybersecurity Issues Common in OIG Areas

by Elizabeth Snell

Cybersecurity issues and information technology issues are both common in numerous areas that the Office of Inspector General (OIG) plans to focus on, according to the latest OIG semiannual report to Congress. OIG wants to keep working on grants...

HHS Pressed on Healthcare Cybersecurity Leadership Changes

by Elizabeth Snell

Recent healthcare cybersecurity leadership changes within HHS have pushed lawmakers to question the agency why those changes took place. Both Margaret Amato and Leo Scanlon emailed bipartisan staff on the House Committee on Energy and Commerce...

Healthcare Cybersecurity Threats Require HHS Bill of Materials

by Elizabeth Snell

The increasing amount of healthcare cybersecurity threats is pushing organizations to utilize numerous technologies to combat potential dangers. It can often be difficult though to have clear visibility into the hardware or software in those...

Evolving Cybersecurity Threats, Protecting Data Top HHS Challenges

by Elizabeth Snell

Adequately addressing the industry’s current cybersecurity threats is a key aspect to one of the major management and performance challenges for HHS, the Office of Inspector General determined in its annual report. OIG’s 2017 Top...

Researchers Question Previous Health Data Breach Study

by Elizabeth Snell

Claiming that larger healthcare facilities have a higher risk of experiencing a health data breach “neglects inherent biases in data collection and reporting practices,” according to a letter published in the Journal of the American...

Stakeholders Stress Healthcare Cybersecurity Focus for HHS

by Elizabeth Snell

Ensuring that healthcare cybersecurity measures continue to improve must remain a key focus area for HHS, industry stakeholders explained in responses to the HHS Information Technology Strategic Plan FY 2017-2020. Cybersecurity and healthcare...

HHS Cybersecurity Measures Center of Recent Legislation

by Elizabeth Snell

Two House Energy and Commerce Committee members reintroduced legislation to address HHS cybersecurity measures, helping the agency better establish its role as an authority in facing current cybersecurity challenges. Rep. Billy Long (R-MO)...

Encouraging Collaboration for Improved Data Security Measures

by Elizabeth Snell

Malicious actors are not going to disappear anytime soon, meaning that healthcare organizations must remain vigilant in improving their data security measures. Collaboration and information sharing will play critical roles in strengthening healthcare...

HIMSS Calls for Secure Data Exchange, HHS Cybersecurity Role

by Elizabeth Snell

In two separate publications, HIMSS has stressed the need for nationwide secure data exchange and also maintained that healthcare must have “a champion at HHS encouraging stakeholders to be proactive and relentlessly vigilant about cybersecurity.”...

How HHS’ HCCIC Will Improve Healthcare Cybersecurity

by Elizabeth Snell

HHS’ Healthcare Cybersecurity and Communications Integration Center (HCCIC) is a critical step toward improving healthcare cybersecurity and will also augment the Department of Homeland Security’s own National Cybersecurity and Communications...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks