Healthcare Information Security

Cybersecurity News

Medical Device Security Should Be Focus for Healthcare Providers

April 23, 2018 - While ransomware attacks on hospitals have caught the headlines, medical device security and supply chain risk should be of greater concern to healthcare providers, according to a recent report by Trend Micro and HITRUST entitled Securing Connected Hospitals. Researchers at Trend Micro analyzed internet-connected medical devices and systems using the Shodan search engine and found many that...


Articles

Cybersecurity Vulnerabilities Could Expose PHI in Heart Device

by

Attackers with physical access to the Biosense Webster CARTO 3 version 4 (V4) heart imaging device could exploit cybersecurity vulnerabilities in the operating system to access protected health information (PHI) stored on the device, warned the...

Reducing Cybersecurity Vulnerabilities Part of FDA Action Plan

by

The Food and Drug Administration (FDA) is asking Congress for additional authority and funding to expand its efforts to improve medical device safety, including reducing cybersecurity vulnerabilities in devices, said FDA Commissioner Scott Gottlieb...

FDA Warns of Cybersecurity Vulnerability in Defibrillators

by

Hackers could exploit a cybersecurity vulnerability in implantable cardiac defibrillators made by Abbott Laboratories (formerly St. Jude Medical) and endanger patient safety, according to a safety communication from the Food and Drug Administration...

Applying Inogen Data Breach Lessons to Healthcare Providers

by

The recent Inogen data breach, in which hackers were able to penetrate an employee’s email account, highlights the need for healthcare organizations to use multifactor authentication (MFA) to control access and to get robust cyber...

NIST Unveils Latest Version of Its Popular Cybersecurity Framework

by

The National Institute of Standards and Technology (NIST) recently released version 1.1 of its popular Cybersecurity Framework, which incorporates feedback received from public comments and workshops during 2016 and 2017. Version 1.1 of...

SamSam Ransomware Attackers Target Healthcare Providers

by

So far this year, there have been at least eight cyberattacks on healthcare and government organizations employing the SamSam ransomware, the Department of Health and Human Services (HHS) said in a report released March 30. SamSam ransomware...

Healthcare Industry Worst in Stopping Insider Data Breaches

by

The healthcare industry is the worst when it comes to stopping insider data breaches, according to Verizon’s 2018 Data Breach Investigations Report (DBIR) released April 10. The report found that the healthcare industry was the only sector...

GAO Raps CMS for Lax Healthcare Data Security in Medicare

by

The Centers for Medicare and Medicaid Services (CMS) is lax in its oversight of healthcare data security when it comes to Medicare beneficiaries, particularly for sharing data with researchers, warned a government watchdog agency. Recent data...

ICS-CERT Flags Philips, GE Medical Device Vulnerabilities

by

Dutch healthcare technology giant Philips is reporting medical device vulnerabilities in its iSite and IntelliSpace PACS medical imaging archiving communications systems as well as its Alice 6 polysomnography system, according to security advisories...

Survey Finds Lax Patching Practices Feed Healthcare Data Breaches

by

Patching vulnerabilities in your systems and applications is one of the most important steps you can take to prevent a healthcare data breach at your organization. Yet, a majority of security professionals in the healthcare and pharmaceutical...

Alabama Last US State to Enact Data Breach Notification Law

by

Alabama Governor Kay Ivey has inked a data breach notification law that requires organizations and agencies to notify data breach victims within 45 days, becoming the last US state to enact such a statute. The law, which takes effect May...

Creating Strong Healthcare Data Security, Positive User Experience

by

I was working with a healthcare organization recently and were discussing some new data security initiatives around remote, mobile, and local users. We had a few teams in the room with us. The end-user compute (EUC) team focused on application...

Healthcare Pros Worry about Data Security at Other Organizations

by

Many healthcare professionals are conflicted when it comes to data security. More than three-fourths of 122 healthcare professionals surveyed by security vendor Venafi at HIMSS18 are worried about healthcare data security, yet 68 percent believe...

Preparing for a Potential Healthcare Data Breach Investigation

by

A current and comprehensive risk management plan, including a good auditing process, will be critical for organizations that must deal with a healthcare data breach investigation. Covered entities and business associates will be better able to...

Securing IoT Devices in the Increasingly Connected Hospital System

by

As a millennial, I love working with a connected hospital system. I can chat with my doctors through my phone, I can track my own information when I’m doing a visit, and I can even show my doctor some health stats from my fitness monitors....

South Dakota is 49th State to Pass Data Breach Notification Law

by

South Dakota became the 49th state to have a data breach notification law when Governor Dennis Daugaard signed SB 62 into law on March 21, 2018. The bill includes health information in its definition of personal information as well, which should...

Attorneys General Stress Need for State Data Breach Laws

by

It would be greatly detrimental to have federal regulations that preempt state data security and state data breach laws, according to a group of 32 attorneys general, led by Illinois Attorney General Lisa Madigan. The letter explains concerns...

Threat Intelligence Sharing Essential for Healthcare Cybersecurity

by

The National Health Information Sharing and Analysis Center (NH-ISAC) constantly stresses the need for threat intelligence sharing in the healthcare sector, especially as cybersecurity threats grow increasingly sophisticated. Healthcare...

Utilizing Holistic Cybersecurity Measures Against Evolving Threats

by

It is essential for healthcare providers to evolve their cybersecurity program to stay ahead of evolving threats, utilizing holistic cybersecurity measures that focus on prevention, detection, and response. That was the focus of a HIMSS18 education...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks

Continue to site...