Healthcare Information Security

NIST Cybersecurity Framework

NTIA Privacy Principles Plan Parallels NIST Privacy Framework Bid

September 26, 2018 - In parallel with the NIST Privacy Framework effort, the Commerce Department’s NTIA is working on a set of consumer data privacy principles. On Tuesday, it published a request for comment to get consumer and industry feedback on the principles. NTIA is proposing an approach to data privacy that “lays out a set of user-centric privacy outcomes that underpin the protections...


More Articles

NIST Cybersecurity Framework To Get Privacy Framework Companion

by Fred Donovan

NIST is launching a collaborative privacy framework initiative as a complement to the NIST Cybersecurity Framework, the agency announced Sept. 4. The privacy framework would provide voluntary guidelines for protecting privacy in an era of...

CISOs Unite To Improve IT Security in Healthcare Supply Chain

by Fred Donovan

Healthcare CISOs have set up a council to develop, recommend, and promote security best practices to bolster IT security throughout the healthcare supply chain. Founding members of the Provider Third Party Risk Management Council include...

Wireless Infusion Pumps Could Increase Cybersecurity Vulnerability

by Fred Donovan

Wirelessly connecting infusion pumps to point-of-care medication systems and EHRs improves healthcare delivery but also increases cybersecurity vulnerability, warned NIST and the National Cybersecurity Center of Excellence (NCCoE) in a new...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by Fred Donovan

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked...

HITRUST Unveils Certification for NIST Cybersecurity Framework

by Fred Donovan

The Health Information Trust Alliance (HITRUST) launched May 22 a certification program for the NIST Cybersecurity Framework (CSF) that makes it easier for security teams to report on their implementation of the framework to upper...

Medical Device Security Should Be Focus for Healthcare Providers

by Fred Donovan

While ransomware attacks on hospitals have caught the headlines, medical device security and supply chain risk should be of greater concern to healthcare providers, according to a recent report by Trend Micro and HITRUST entitled Securing...

NIST Unveils Latest Version of Its Popular Cybersecurity Framework

by Fred Donovan

The National Institute of Standards and Technology (NIST) recently released version 1.1 of its popular Cybersecurity Framework, which incorporates feedback received from public comments and workshops during 2016 and 2017. Version 1.1...

Threat Intelligence Sharing Essential for Healthcare Cybersecurity

by Elizabeth Snell

The National Health Information Sharing and Analysis Center (NH-ISAC) constantly stresses the need for threat intelligence sharing in the healthcare sector, especially as cybersecurity threats grow increasingly...

Federal Cybersecurity Program Funding Urged in Letter to Congress

by Elizabeth Snell

The Department of Homeland Security’s (DHS) federal cybersecurity program will greatly benefit from increased funding in Fiscal Year 2019, according to a trio of lawmakers. Reps. John Ratcliffe (R-Texas), Jim Langevin (D-R.I.) and...

Improving Cybersecurity Response in Healthcare Organizations

by Elizabeth Snell

Organizations must have the right staff members in place who are properly trained, and also have appropriate technical tools to ensure that a proper cybersecurity response can occur following a data security incident. Healthcare entities...

Implementing the NIST CSF for Improved Healthcare Data Security

by Elizabeth Snell

Cybersecurity frameworks are often cited as key ways for organizations to improve their approach to healthcare data security, especially as more entities utilize connected devices and work toward interoperability. The National Institute...

HIMSS: NIST CSF Can Improve Healthcare Cybersecurity Infrastructure

by Elizabeth Snell

NIST’s second draft of its Cybersecurity Framework (the Framework) is overall a positive step toward improving the nation’s cybersecurity, according to comments from HIMSS. However, there is room for some improvement to ensure...

Revised NIST Infrastructure Cybersecurity Framework Released

by Elizabeth Snell

In an effort to help organizations continue to improve their cybersecurity risk management in critical infrastructure, NIST released a revised draft of its Cybersecurity Framework last week. The second draft of the Framework...

Medical Device Cybersecurity Focus of AEHIS, MDISS Collaboration

by Elizabeth Snell

Medical device cybersecurity education, best practices, advocacy, and information sharing are key objectives in the recently announced collaboration between the Association for Executives in Healthcare Information Security (AEHIS) and the...

NIST CSF, Risk Management Key for Cybersecurity Improvements

by Elizabeth Snell

The NIST Cyberscurity Framework (CSF) can be implemented using the established NIST risk management process, which will help organizations across industries develop a more effective, efficient, and cost-effective risk management processes,...

Why Guidance is Critical for Strengthening Healthcare Cybersecurity

by Elizabeth Snell

Healthcare providers must adhere to HIPAA rules and required state regulation with regard to maintaining data security. But not all regulations are specific in how covered entities should approach healthcare cybersecurity in an evolving...

What Are Critical Considerations in Risk Management?

by Elizabeth Snell

Healthcare risk management is an increasingly critical area as cybersecurity threats continue to evolve. Regardless of an organization’s size, it needs to ensure that the right policies, procedures, and tools are in place so staff...

NIST Cybersecurity Included in Latest HITRUST CSF Version

by Elizabeth Snell

Version 9 of the HITRUST CSF will be released in August 2017 and is set to address the NIST Cybersecurity Framework requirements as well, according to a HISTRUST statement. A single assessment will include the necessary controls to...

DHS Updates on Federal Network Cybersecurity, Infrastructure

by Elizabeth Snell

The Department of Homeland Security’s (DHS) United States Computer Emergency Readiness Team (US-CERT) recently posted updates on federal network cybersecurity measures, along with current steps being taken to strengthen...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks