Healthcare Information Security

Risk Management

NIST Unveils Latest Version of Its Popular Cybersecurity Framework

April 17, 2018 - The National Institute of Standards and Technology (NIST) recently released version 1.1 of its popular Cybersecurity Framework, which incorporates feedback received from public comments and workshops during 2016 and 2017. Version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity (The Framework) includes updates on authentication and identity, self-assessing cybersecurity...


More Articles

OIG Compliance Audit Finds HHS Risk Management, IAM Issues Continue

by Elizabeth Snell

The enterprise-wide information security program within the Department of Health and Human Services (HHS) has improved, but there are still risk management weaknesses, issues with identity and access management (IAM), and problems in other areas,...

Healthcare Risk Assessments Key Driver for Security Investments

by Elizabeth Snell

More providers are adopting cybersecurity frameworks and prioritizing risk assessment, according to the third annual Symantec and HIMSS Analytics HIT Security and Risk Management Study. However, organizations are still underinvesting in cybersecurity,...

Healthcare Cybersecurity Threats Hinder HIT Development

by Elizabeth Snell

Healthcare organizations across the globe are working to adopt and deploy EHRs without opening themselves up to interoperability issues, healthcare cybersecurity threats, and HIT infrastructure problems, according to a recent Black Book survey....

Implementing the NIST CSF for Improved Healthcare Data Security

by Elizabeth Snell

Cybersecurity frameworks are often cited as key ways for organizations to improve their approach to healthcare data security, especially as more entities utilize connected devices and work toward interoperability. The National Institute of Standards...

5 HIPAA Data Breaches Lead to $3.5M OCR Settlement

by Elizabeth Snell

Fresenius Medical Care North America (FMCNA) recently agreed to a $3.5 million OCR settlement following allegations that it committed HIPAA violations on five different occasions at separate FMCNA covered entities. FMCNA provides product and...

How Healthcare Organizations Can Reduce Cyber Extortion Risk

by Elizabeth Snell

Healthcare organizations must be mindful of how they reduce cyber extortion risk because covered entities maintain sensitive data and provide necessary services, OCR stated in its January Cybersecurity Newsletter. Cyber extortion often consists...

HCCIC Releases Update on Spectre, Meltdown Cybersecurity Threats

by Elizabeth Snell

The Healthcare Cybersecurity and Communications Integration Center (HCCIC) released an update on previously discovered Spectre and Meltdown vulnerabilities that could create healthcare cybersecurity threats for organizations. The National Health...

OIG: Security Risk Assessments, Disaster Recovery Needed at Hospitals

by Elizabeth Snell

While two Indian Health Service (IHS) hospitals had increased system security and physical controls surrounding prescription drug and opioid disbursements, the Office of Inspector General (OIG) still determined that more improvements needed to...

Healthcare Cybersecurity Top Digital Priority for Org Leaders

by Elizabeth Snell

The majority of health systems plan to increase technology spending to improve their healthcare cybersecurity measures next year, according to a survey conducted by the Pittsburgh-based Center for Connected Medicine (CCM), in partnership...

EHNAC: Risk Assessments, IoT Security Crucial in Attack Mitigation

by Elizabeth Snell

Hospitals and healthcare organizations need to keep a strong focus on their risk management and risk assessment process and ensure that any third parties or business associates also have proper security and IT risk management protocols in...

NIST CSF, Risk Management Key for Cybersecurity Improvements

by Elizabeth Snell

The NIST Cyberscurity Framework (CSF) can be implemented using the established NIST risk management process, which will help organizations across industries develop a more effective, efficient, and cost-effective risk management processes, according...

How Vendors, Providers Can Create Strong Health Data Security

by Elizabeth Snell

When it comes to maintaining HIPAA compliance, both healthcare providers and their chosen third-party vendors – or business associates – need to work together for comprehensive and current health data security. Compliance can get...

HITRUST Urges Collaboration for Improved Healthcare Cybersecurity

by Elizabeth Snell

HITRUST held its first Community Extension Program meeting last week at Tufts Medical Center in downtown Boston, talking challenges, best practices, and lessons learned in healthcare risk management programs. One of the overarching goals of the...

What Are Critical Considerations in Risk Management?

by Elizabeth Snell

Healthcare risk management is an increasingly critical area as cybersecurity threats continue to evolve. Regardless of an organization’s size, it needs to ensure that the right policies, procedures, and tools are in place so staff members...

HITRUST, Trend Micro Set to Improve Cyber Threat Management

by Elizabeth Snell

HITRUST and Trend Micro have partnered together in an effort to further advance cyber threat information sharing and the cyber threat management process, according to a HITRUST release. The HITRUST Cyber Threat Management and Response Center...

Healthcare Risk Management Key Area in New HITRUST Program

by Elizabeth Snell

A Community Extension Program designed to aid healthcare organizations discuss challenges, best practices, and lessons learned in healthcare risk management programs will soon be launched nationwide, according to HITRUST. The program will also...

95% of Healthcare Orgs Not Utilizing Risk Management Software

by Elizabeth Snell

Healthcare organizations continue to prioritize PHI security, but often have limited resources – such as access to risk management software – according to a recent Netwrix survey. Nearly all surveyed entities – 95 percent –...

Vendor Risk Management Key Focus in Recent HITRUST Program

by Elizabeth Snell

A new HITRUST exchange aims to help entities as they request and receive third-party security and privacy risk assessment information, streamlining the vendor risk management process. The HITRUST Assessment Exchange will utilize the HITRUST CSF...

2017 OCR HIPAA Settlements Focus on Risk Analyses, Safeguards

by Elizabeth Snell

Maintaining PHI security must remain a top priority for covered entities and business associates year-round. Lackluster safeguards and irregular risk analyses can lead to potential data security issues, and even an OCR HIPAA settlement. With...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks

Continue to site...