Healthcare Information Security

Cybersecurity News

Cryptocurrency Mining Tops Ransomware Attacks as New Cyberthreat

June 18, 2018 - While ransomware attacks continue to preoccupy the minds of healthcare IT security pros, a new threat is emerging—cryptocurrency mining. Not as devastating as ransomware, cryptocurrency mining malware can still degrade system performance and cause vital healthcare IT systems to slow down or even shut down due to the enormous processing power the malware uses to mine cryptocurrency....


Articles

Natus Plugs 8 Cybersecurity Vulnerabilities in EEG Software

by

Natus Medical has updated its NeuroWorks software to plug eight cybersecurity vulnerabilities that could enable an attacker to get control of the Natus Xltek electroencephalogram (EEG) device and crash it, according to a June 14 ICS-CERT advisory....

Healthcare Orgs, Device Makers Debate Cybersecurity Vulnerabilities

by

A number of medical organizations have submitted recommendations to the House Energy and Commerce Committee on how to reduce cybersecurity vulnerabilities in aging healthcare IT systems and medical devices under the committee’s Supported...

Organizations Lack Adequate Budget for Medical Device Security

by

Despite recognizing medical device security as a priority, only 37 percent of more than 100 healthcare practitioners had budgets to implement their device security strategy, according to a HIMSS survey. Most respondents (85%) said they used...

Court Dismisses FTC Order on LabMD’s Data Security Lapses

by

In a long anticipated ruling, a federal appeals court has thrown out a Federal Trade Commission (FTC) order directing the now-defunct medical testing firm LabMD to overhaul its data security program. In 2013, the FTC filed a complaint against...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report

by

Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked sufficient...

Meltdown, Spectre Variants Could Endanger Healthcare Data Security

by

New variants of the Meltdown and Spectre security vulnerabilities were recently discovered by researchers, possibly putting healthcare data security at risk. The vulnerabilities affect hundreds of millions of processors used in desktop computers,...

Taking a Practical Approach to Healthcare Data Security

by

Let’s be honest. If you start to discuss all the various aspects of healthcare data security, it’s easy to get overwhelmed quickly. There are so many parts and pieces when it comes to working with proper healthcare security it’s...

Ransomware Attacks Topped List of Cyber Insurance Claims

by

More than one-quarter of cyber insurance claims received by AIG last year were the result of ransomware attacks, the largest percentage of any cyberattack type, according to the insurance giant’s 2017 cyber insurance claim statistics. AIG...

AHA Backs Providers’ Inclusion in FDA Medical Device Security Board

by

The FDA should include healthcare providers on the medical device security board proposed in the agency’s recently released Medical Device Safety Action Plan, argued the American Hospital Association (AHA). According to the FDA’s...

ICS-CERT Flags BeaconMedaes Medical Device Security Issues

by

A recent ICS-CERT advisory warned about medical device security problems with the BeaconMedaes TotalAlert Scroll medical air systems. An attacker could exploit vulnerabilities in the Scroll medical air system web application to view and modify...

Health IT Security Weakness Found by ONC Challenge Winner

by

The Secure API Server Showdown Challenge stage 2 winner, 1upHealth, was able to uncover a health IT security weakness in a Fast Healthcare Interoperability Resources (FHIR) server database, announced the HHS Office of the National Coordinator...

PHI Data Security at Risk in Medtronic’s N’Vision Programmer

by

Medtronic’s N’Vision clinical programmer does not encrypt protected health information (PHI) or personally identifying information (PII) stored on the machine, putting PHI data security at risk to an attacker with physical access...

Ransomware Attack Worries Healthcare IT Pros the Most

by

A ransomware attack is the type of cyberattack that most worries healthcare IT professionals, according to a survey of 102 HIMSS18 attendees by security firm Imperva. Almost 10 percent of those surveyed had paid a ransom or extortion fee, while...

Best Practices to Secure Healthcare IoT, Connected Devices

by

We live in a connected world. This spans the data center, healthcare IoT, and the enterprise data center. In fact, many of you reading this right now may well have a Nest or Philips Hue in your house. Some of you, like me, might have even more...

Older Healthcare OSes Open to Cybersecurity Vulnerabilities

by

The healthcare industry is the slowest industry in upgrading to Windows 10, meaning that many in healthcare are running older versions of Windows more susceptible to cybersecurity vulnerabilities, according to the latest data from Duo Security....

Data on 500K Patients Exposed in LifeBridge Healthcare Data Breach

by

LifeBridge Health, a healthcare provider located in northwest Baltimore, has notified more than 500,000 patients that their personal information may have been exposed in a September 2016 healthcare data breach, the provider said in a statement...

Healthcare Ransomware Attacks Soared in Q3 2017

by

The number of healthcare ransomware attacks exploded in the third quarter of 2017, far outpacing all other types of cyberattacks against healthcare companies, but then dropped off sharply in the fourth quarter, according to the latest data from...

HITRUST Unveils Certification for NIST Cybersecurity Framework

by

The Health Information Trust Alliance (HITRUST) launched May 22 a certification program for the NIST Cybersecurity Framework (CSF) that makes it easier for security teams to report on their implementation of the framework to upper management,...

Most Healthcare Workers Admit to Non-Secure Healthcare Data Sharing

by

Most healthcare workers surveyed admit to non-secure healthcare data sharing using email. A disturbing 87 percent of healthcare workers admit to using non-secure email to send sensitive information, including PHI, according to survey data provided...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks