While healthcare entities and their vendors apparently are improving their encryption practices for computing and storage devices, regulators are also urging organizations to avoid overlooking the importance of physically securing and tracking these devices to help safeguard PHI.
Philips and Becton Dickinson have each issued multiple alerts this year regarding cybersecurity flaws in some of their medical devices. Some security experts say the two companies' transparency about cybersecurity issues - including new alerts issued last week - should be emulated by other manufacturers.
Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why.
Augusta University Health in Georgia says it just recently concluded that a phishing attack that occurred - and was detected - 10 months ago resulted in a breach potentially exposing information on 417,000 individuals. Security experts are questioning why the breach determination took so long.
The Department of Homeland Security and Philips have issued alerts about cyber vulnerabilities that have been identified in some of the company's medical devices. Are device makers becoming more forthcoming about cyber issues?
Maryland's Medicaid system has "numerous significant" security weaknesses that need to be addressed, according to a federal watchdog agency. Earlier audits of other state Medicaid programs have yielded similar results
Almost 6 million Americans had their patient records stolen or exposed in healthcare breaches over the past year with ransomware being a frequent and highly effective form of attack. Recent successful variants such as SamSam and Ryuk have caused an estimated $7 million in damages alone.
Clearly, ransomware is a...
Many medical device makers appear to building better cybersecurity into their products, but some manufacturers are still avoiding fixing vulnerabilities in legacy devices that pose potential safety risks, says security researcher Billy Rios, who discusses the latest flaws in some Medtronic cardiac devices.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
Documents containing information on more than 300,000 patients were recently discovered on the former campus of a Missouri hospital that's being prepared for demolition four years after the hospital moved to new facilities. The incident illustrates the need to track all paper records that contain PHI.
Healthcare organizations are attractive targets for today's hackers due to reams of personal information providers process and store. These electronic health records are like digital gold to adversaries who sell them on the black market.
Download the ThreatQ for Healthcare Industry Brief to learn:
The key challenges...
Finding out your healthcare organization has been breached can be devastating news. Knowing how to deal with an intruder who has broken through your cyber defenses can be even more challenging.
This whitepaper offers practical steps healthcare IT and security professionals should take after a cyberattack occurs....
The year's CrowdStrike® Global Threat Report offers one of the industry's most comprehensive reports on today's most damaging cyberattacks and dangerous adversaries. It contains valuable insights into the evolving threat landscape and includes recommendations that will help you be better prepared for the security...
The healthcare industry is at an information security crossroads, ill-prepared for the cyberattacks increasingly targeting it. This session reviews how the focus on security regulatory compliance has hindered the sectors' ability to prevent, detect and respond to the current cyberthreat landscape. It also reviews how...