Healthcare Information Security

Cybersecurity News

NIST Cybersecurity Included in Latest HITRUST CSF Version

July 21, 2017 - Version 9 of the HITRUST CSF will be released in August 2017 and is set to address the NIST Cybersecurity Framework requirements as well, according to a HISTRUST statement. A single assessment will include the necessary controls to address the NIST CSF. There will also be a report to display the HITRUST CSF controls through the NIST CSF Core Subcategories lens. Blue Cross and Blue Shield of...


Articles

Hacking Continues to Cause Majority of Reported Data Breaches

by

Through June 2017 there has been a 29 percent increase from 2016 in US reported data breaches, according to a report from the Identity Theft Resource Center (ITRC) and CyberScout. Overall, the number of breaches could hit a 37 percent annual...

Top 3 Essentials in Preparing for Ransomware Attacks

by

With each week seeming to bring in a report of a new ransomware attack, healthcare organizations cannot afford to assume that this type of cybersecurity issue will never affect them. Preparing for ransomware attacks in the healthcare industry...

Patient Safety Critical Part of Healthcare Information Security

by

Healthcare data breaches, denial of service (DoS) attacks, and ransomware attacks are a few of the potential threats to healthcare information security that could impact patient safety, according to a report published in The New England Journal...

Applying Healthcare Information Sharing to Data Security

by

As cybersecurity threats continue to evolve, healthcare information sharing can be a boon to organizations of all sizes. Industry stakeholders can learn best practices, and see how others in the sector are working to prevent data security issues....

95% of Healthcare Orgs Not Utilizing Risk Management Software

by

Healthcare organizations continue to prioritize PHI security, but often have limited resources – such as access to risk management software – according to a recent Netwrix survey. Nearly all surveyed entities – 95 percent –...

3 Top Tips for Migrating, Upgrading Healthcare Data Security

by

It goes without saying that the modern healthcare organization absolutely revolves around its own data security capabilities. How well is PHI data being secured? How well are you pushing out critical updates? How are users accessing your data...

DHS Updates on Federal Network Cybersecurity, Infrastructure

by

The Department of Homeland Security’s (DHS) United States Computer Emergency Readiness Team (US-CERT) recently posted updates on federal network cybersecurity measures, along with current steps being taken to strengthen infrastructure...

NIST Funding Can Strengthen National Cybersecurity Efforts

by

An increase in National Institute of Standards and Technology (NIST) funding for fiscal year 2018 will help support critical public-private efforts to strengthen national cybersecurity, according to HIMSS and other industry stakeholders. HIMSS...

Creating a Healthcare Security Incident Reporting Process

by

With the recent wave of ransomware attacks, hacking attempts, and unauthorized disclosures, healthcare organizations have more opportunities to exercise their incident management plans. Unfortunately, these same organizations are learning the...

Increased Training Can Benefit Healthcare Secure Messaging

by

With patient portals helping fuel healthcare secure messaging, additional training for both patients and providers can help alleviate “rules of engagement” concerns, according to a study published in the Journal of Medical Internet...

Keeping Healthcare Information Security Training a Priority

by

Without the right information security training, healthcare providers could fall victim to numerous types of cybersecurity issues, such as a ransomware attack. Employees at all levels need to understand the types of warning signs to look for...

NH-ISAC Issues Petya Ransomware Vaccine, Mitigation

by

The National Health Information Sharing and Analysis Center (NH-ISAC) announced that it had a Petya ransomware vaccine, and also discussed mitigation tactics that organizations can follow to minimize the potential risk of infection. Entities...

Shifting the Corporate Focus to Healthcare Data Security

by

Healthcare environments continue to change and evolve within today’s digital environment. In fact, many healthcare shops are working extra hard to align with a new, “digitally native” user. We’re seeing things like digital...

Health System, Pharma Firm Report Cybersecurity Incidents

by

Pennsylvania-based Heritage Valley Health System (HVHS) reported that it had experienced a cybersecurity incident on June 27, 2017. While HVHS did not specifically identify the type of ransomware attack, it said that it was “identified...

US-CERT Warns of Petya Ransomware, Microsoft Vulnerabilities

by

Using unpatched and unsupported software may increase the risk of being affected by malicious software, such as Petya ransomware infections, according to the Department of Homeland Security’s (DHS) US Computer Emergency Readiness Team (US-CERT)....

Incentivize Cybersecurity Best Practices for Data Security

by

Maintaining strong patient data security in the ever-evolving healthcare IT space will heavily depend on strong cyber hygiene and proper cybersecurity best practices, according to American Medical Association Board of Trustees Secretary Jesse...

FDA Implementing Risk-Based Medical Device Regulation

by

The FDA will soon launch a new Digital Health Innovation Plan, which will include a focus on implementing a risk-based approach to medical device regulation, according to FDA Commissioner Scott Gottlieb, MD. Gottlieb explained in a recent...

Key Ransomware Prevention Measures in Recent Executive Order

by

An executive order signed by the president in May 2017 has important guidelines and priorities organizations can follow to improve their cybersecurity, including instilling stronger ransomware prevention, according to a blog post by UC Berkeley...

Patient Safety, PHI Security Key in HHS Cybersecurity Role

by

The recent WannaCry ransomware attack shows how patient safety, along with PHI security, need to be key focus areas in the HHS cybersecurity role, according to the House Subcommittee on Oversight and Investigations. In a hearing held earlier...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks