Healthcare Information Security

Cybersecurity News

Healthcare Takes Around 350 Days to Identify, Contain Data Breach

by

The healthcare industry had the second highest number of days to identify and contain a data breach, around 350 days, according to a recent study by The Ponemon Institute and IBM. The healthcare industry was second only to the...

Healthcare Cybersecurity Is a Top Safety Issue for Hospital Pros

by

Healthcare cybersecurity was listed as one of the top safety issues for hospitals and other healthcare facilities, behind severe weather and active shooter incidents, according to a survey of 300 healthcare safety professionals by Rave...

Most US Consumers Worry about Electronic Health Records Breach

by

A full 80 percent of 1,000 US consumer surveyed by Unisys are concerned that hackers could access their electronic health records (EHRs) at their healthcare provider. Breaking that down, 14 percent are very concerned about an EHR breach,...

FDA Takes Steps to Beef Up Medical Device Security Bona Fides

by

The FDA has taken some recent steps to beef up its bona fides in medical device security. First, it recently signed a memorandum of agreement with the Department of Homeland Security to implement a new framework for increased...

MNIT Commissioner Faces Legislative Scrutiny Over Phishing Attacks

by

Minnesota IT Services (MNIT) Commissioner Johanna Clyborne faced criticism for the four-month delay in informing victims of two phishing attacks that exposed PHI and other personal information on 20,800 clients of the Minnesota Department...

Health Data Breach on Healthcare.gov Portal Affects 75K People

by

Personal information of around 75,000 individuals is at risk from a health data breach that affected a Healthcare.gov portal for agents and brokers, CMS announced Oct. 19. The breached portal, called the Direct Enrollment pathway, allows...

Mistakes, Not Hacks, Make Up Bulk of Medicaid Data Breaches

by

Most of the Medicaid data breaches that state agencies and their contractors reported in 2016 disclosed information about a single individual and often resulted from misdirected letters or faxes, according to a report released last week by...

CISOs Need to Be Both Healthcare IT Security and Business Experts

by

CISOs need to be business experts as well as healthcare IT security experts, observed University of Chicago Medicine VP and CIO Heather Nelson during her Oct. 19 keynote address at the Safeguarding Health Information: Building Assurance...

NCCoE Unveils Vendor Partners for Medical Device Security Project

by

The NIST-backed National Cybersecurity Center of Excellence (NCCoE) unveiled this week an initial set of vendor partners for a medical device security project called Securing Picture Archiving and Communication Systems (PACS). The vendor...

Healthcare Organizations Struggle with Vendor IT Security Risks

by

BOSTON – Healthcare organizations have a range of approaches for assessing and managing the IT security risks posed by third-party vendors, one of the biggest sources of frustration for security teams. St. Luke’s Health System...

SRA Tool 3.0 Expands Application to More Health Data Security Risks

by

OCR and ONC have updated their security risk assessment (SRA) tool (3.0) to improve usability and expand its application to a broader range of health data security risks. The agencies developed the tool to help small to medium-sized...

Risk Posed By 3rd-Party Services Is Big Healthcare Security Worry

by

BOSTON—Security risks posed by integration of third-party patient services will be an ongoing healthcare security concern for organizations, commented Johns Hopkins University and Medicine CISO Darren Lacey during a panel...

FDA Warns of Cybersecurity Vulnerabilities in CareLink Programmers

by

The FDA has issued a medical device safety alert about cybersecurity vulnerabilities in Medtronic’s CareLink programmers that could enable an attacker to change the functionality of the programmer or the implanted pacemaker it...

‘Payment Notification’ Is Top Healthcare Phishing Attack Subject

by

The term “Payment Notification” is the top healthcare phishing attack subject, appearing in 58 percent of healthcare phishing attack campaigns in 2018, according to the latest data from Cofense. Other popular subjects in...

OIG Forms Team to Protect HHS, Boost Cybersecurity Best Practices

by

The HHS OIG has formed a multidisciplinary cybersecurity team composed of auditors, evaluators, investigators, and attorneys from various HHS agencies to help protect department data and systems and foster cybersecurity best practices...

Same Cybersecurity Vulnerability Uncovered in Different Devices

by

Security researcher Dan Regalado at Zingbox uncovered the same cybersecurity vulnerability — information exposure through an error message — in two medical devices made by different manufacturers. Regalado then notified the...

California Court Denies Motion to Dismiss Health Data Breach Suit

by

The California Superior Court has denied a motion to dismiss a class action lawsuit against A.J. Boggs & Company for a health data breach that exposed confidential medical records of 93 individuals with HIV, Lambda Legal, who is...

Healthcare IT Execs Lack Confidence in Medical Device Security

by

More than 60 percent of healthcare IT executives lack confidence that their current medical device security strategy protects patient safety and prevents disruptions in care. The survey found that only 39 percent of respondents were...

Healthcare Data Security Threatened by APTs Targeting MSPs

by

Advanced persistent threats (APTs) are targeting managed service providers’ networks, endangering healthcare data security and data security in other US critical infrastructure sectors, warned the National Cybersecurity and...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...