Healthcare Information Security

Cybersecurity News

Natus Plugs 8 Cybersecurity Vulnerabilities in EEG Software


Natus Medical has updated its NeuroWorks software to plug eight cybersecurity vulnerabilities that could enable an attacker to get control of the Natus Xltek electroencephalogram (EEG) device and crash it, according to a June 14 ICS-CERT...

Healthcare Orgs, Device Makers Debate Cybersecurity Vulnerabilities


A number of medical organizations have submitted recommendations to the House Energy and Commerce Committee on how to reduce cybersecurity vulnerabilities in aging healthcare IT systems and medical devices under the committee’s...

Organizations Lack Adequate Budget for Medical Device Security


Despite recognizing medical device security as a priority, only 37 percent of more than 100 healthcare practitioners had budgets to implement their device security strategy, according to a HIMSS survey. Most respondents (85%) said...

Court Dismisses FTC Order on LabMD’s Data Security Lapses


In a long anticipated ruling, a federal appeals court has thrown out a Federal Trade Commission (FTC) order directing the now-defunct medical testing firm LabMD to overhaul its data security program. In 2013, the FTC filed a complaint...

Congress Turns Up Heat on HHS About Cybersecurity Threat Report


Congress is taking HHS to task about problems with the department’s cybersecurity threat report required by the Cybersecurity Information Sharing Act of 2015. The HHS Cyber Threat Preparedness Report (CTPR) “omitted or lacked...

Meltdown, Spectre Variants Could Endanger Healthcare Data Security


New variants of the Meltdown and Spectre security vulnerabilities were recently discovered by researchers, possibly putting healthcare data security at risk. The vulnerabilities affect hundreds of millions of processors used in desktop...

Taking a Practical Approach to Healthcare Data Security


Let’s be honest. If you start to discuss all the various aspects of healthcare data security, it’s easy to get overwhelmed quickly. There are so many parts and pieces when it comes to working with proper healthcare security...

Ransomware Attacks Topped List of Cyber Insurance Claims


More than one-quarter of cyber insurance claims received by AIG last year were the result of ransomware attacks, the largest percentage of any cyberattack type, according to the insurance giant’s 2017 cyber insurance claim...

AHA Backs Providers’ Inclusion in FDA Medical Device Security Board


The FDA should include healthcare providers on the medical device security board proposed in the agency’s recently released Medical Device Safety Action Plan, argued the American Hospital Association (AHA). According to the...

ICS-CERT Flags BeaconMedaes Medical Device Security Issues


A recent ICS-CERT advisory warned about medical device security problems with the BeaconMedaes TotalAlert Scroll medical air systems. An attacker could exploit vulnerabilities in the Scroll medical air system web application to view and...

Health IT Security Weakness Found by ONC Challenge Winner


The Secure API Server Showdown Challenge stage 2 winner, 1upHealth, was able to uncover a health IT security weakness in a Fast Healthcare Interoperability Resources (FHIR) server database, announced the HHS Office of the National...

PHI Data Security at Risk in Medtronic’s N’Vision Programmer


Medtronic’s N’Vision clinical programmer does not encrypt protected health information (PHI) or personally identifying information (PII) stored on the machine, putting PHI data security at risk to an attacker with physical...

Ransomware Attack Worries Healthcare IT Pros the Most


A ransomware attack is the type of cyberattack that most worries healthcare IT professionals, according to a survey of 102 HIMSS18 attendees by security firm Imperva. Almost 10 percent of those surveyed had paid a ransom or extortion fee,...

Best Practices to Secure Healthcare IoT, Connected Devices


We live in a connected world. This spans the data center, healthcare IoT, and the enterprise data center. In fact, many of you reading this right now may well have a Nest or Philips Hue in your house. Some of you, like me, might have even...

Older Healthcare OSes Open to Cybersecurity Vulnerabilities


The healthcare industry is the slowest industry in upgrading to Windows 10, meaning that many in healthcare are running older versions of Windows more susceptible to cybersecurity vulnerabilities, according to the latest data from Duo...

Data on 500K Patients Exposed in LifeBridge Healthcare Data Breach


LifeBridge Health, a healthcare provider located in northwest Baltimore, has notified more than 500,000 patients that their personal information may have been exposed in a September 2016 healthcare data breach, the provider said in a...

Healthcare Ransomware Attacks Soared in Q3 2017


The number of healthcare ransomware attacks exploded in the third quarter of 2017, far outpacing all other types of cyberattacks against healthcare companies, but then dropped off sharply in the fourth quarter, according to the latest data...

HITRUST Unveils Certification for NIST Cybersecurity Framework


The Health Information Trust Alliance (HITRUST) launched May 22 a certification program for the NIST Cybersecurity Framework (CSF) that makes it easier for security teams to report on their implementation of the framework to upper...

Most Healthcare Workers Admit to Non-Secure Healthcare Data Sharing


Most healthcare workers surveyed admit to non-secure healthcare data sharing using email. A disturbing 87 percent of healthcare workers admit to using non-secure email to send sensitive information, including PHI, according to survey data...

Healthcare Least Prepared for Ransomware Attacks, Other Cyberattacks


The healthcare and public health sector is the least prepared of the critical infrastructure industries for ransomware attacks and other types of cyberattacks, according to a recent Pwnie Express survey of 582 IT security professionals...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...