Healthcare Information Security

NIST

NCCoE Unveils Vendor Partners for Medical Device Security Project

October 18, 2018 - The NIST-backed National Cybersecurity Center of Excellence (NCCoE) unveiled this week an initial set of vendor partners for a medical device security project called Securing Picture Archiving and Communication Systems (PACS). The vendor partners include Cisco, Clearwater Compliance, DigiCert, ForeScout, Hyland, Symantec, TDi Technologies, Tempered Networks, Tripwire, Virta Labs, and...


More Articles

NIST Warns About Cybersecurity Vulnerabilities in Healthcare IoT

by Fred Donovan

NIST has issued a draft report examining the cybersecurity vulnerabilities and privacy risks posed by Internet of Things (IoT) devices, including healthcare IoT.  “Many organizations are not necessarily aware they are using a...

NIST, NCCoE Publish Guide on Healthcare Mobile Device Security

by Fred Donovan

NIST and the National Cybersecurity Center of Excellence (NCCoE) have released a guide on how providers can improve healthcare mobile device security to better protect PHI. The guidance, Securing Electronic Records on Mobile Devices,...

Software Patching Integral to PHI Data Security, HIPAA Compliance

by Fred Donovan

Healthcare organizations and vendors are responsible for identifying and mitigating the risks unpatched software poses to ePHI as part of their HIPAA compliance, OCR advised in its June Cybersecurity Newsletter. As part of their risk...

HITRUST Unveils Certification for NIST Cybersecurity Framework

by Fred Donovan

The Health Information Trust Alliance (HITRUST) launched May 22 a certification program for the NIST Cybersecurity Framework (CSF) that makes it easier for security teams to report on their implementation of the framework to upper...

Health IoT Security Top Connected Technology Application Area

by Elizabeth Snell

Policymakers, managers, and standards participants need to be properly informed and enabled to develop and use cybersecurity standards in IoT components, systems, and services, according to a NIST workgroup. Health IoT security and four...

Implementing the NIST CSF for Improved Healthcare Data Security

by Elizabeth Snell

Cybersecurity frameworks are often cited as key ways for organizations to improve their approach to healthcare data security, especially as more entities utilize connected devices and work toward interoperability. The National Institute...

HIMSS: NIST CSF Can Improve Healthcare Cybersecurity Infrastructure

by Elizabeth Snell

NIST’s second draft of its Cybersecurity Framework (the Framework) is overall a positive step toward improving the nation’s cybersecurity, according to comments from HIMSS. However, there is room for some improvement to ensure...

Revised NIST Infrastructure Cybersecurity Framework Released

by Elizabeth Snell

In an effort to help organizations continue to improve their cybersecurity risk management in critical infrastructure, NIST released a revised draft of its Cybersecurity Framework last week. The second draft of the Framework...

Partnership Stressed in IoMT Medical Device Cybersecurity Bill

by Elizabeth Snell

Two state representatives introduced a medical device cybersecurity bill this week that focuses on centralizing current and relevant frameworks, guidelines, and standards for Internet of Medical Things (IoMT) devices. There must be...

NIST CSF, Risk Management Key for Cybersecurity Improvements

by Elizabeth Snell

The NIST Cyberscurity Framework (CSF) can be implemented using the established NIST risk management process, which will help organizations across industries develop a more effective, efficient, and cost-effective risk management processes,...

OIG Notes NC Potential Medicaid Data Security Vulnerabilities

by Elizabeth Snell

The North Carolina State Medicaid agency (State agency) did not implement necessary information system general controls to ensure proper Medicaid data security measures, according to an OIG report. The State agency contracts with CRSA,...

Improve Healthcare Authentication with New NIST Guide

by Elizabeth Snell

NIST recently released updated digital identity guidelines for federal agencies looking to create a secure authentication process. While not designed for healthcare authentication specifically, the guidelines could help the industry ensure...

NICE Cybersecurity Workforce Framework Focuses on Education

by Elizabeth Snell

The National Initiative for Cybersecurity Education (NICE) released a Cybersecurity Workforce Framework to help organizations in various sectors educate and train staff members in needed cybersecurity measures. Entities will also have...

Using NIST Guidance for Better Risk Assessment, Data Security

by Elizabeth Snell

A structured method of prioritizing programs, systems, and components based on their importance is a critical part of an organization’s risk assessment process and approach to data security, according to a recent NIST special...

OIG Notes Va. Medicaid Information Security Vulnerabilities

by Elizabeth Snell

An Office of Inspector General (OIG) audit found the Virginia Medicaid Management Information System (MMIS) to have information security vulnerabilities. “Virginia did not adequately secure its Medicaid data and information systems,...

Medical Device Security Focus in Recent NCCoE Collaboration

by Elizabeth Snell

The National Cybersecurity Center of Excellence (NCCoE) recently released a draft of the NIST Cybersecurity Practice Guide, Securing Wireless Infusion Pumps in Healthcare Delivery Organizations, to help improve medical device...

Improve Healthcare Data Security with Stronger Authentication

by Elizabeth Snell

The comment period recently closed on NIST special publications discussing digital identity guidelines, which could potentially impact healthcare organizations working to improve their healthcare data security measures. “Identity...

House Committee Passes NIST Small Business Cybersecurity Act

by Elizabeth Snell

The US House Committee on Science, Space, and Technology passed the NIST Small Business Cybersecurity Act of 2017 earlier this week in an effort to ensure that small businesses are given necessary resources to reduce their risk for...

HIMSS Urges Holistic Approach in NIST Cybersecurity Framework

by Elizabeth Snell

Having a holistic approach to healthcare cybersecurity is essential in the industry, but there is a lack of alignment between the people, processes, and technology, according to HIMSS. That lack of alignment often creates difficulty for...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...