Archive for the ‘hipaa’ Category

Cybersecurity, emerging technology and systemic risk: What it means for the medical device industry?

The WEF singled out five global cybersecurity challenges: 1. Increasing sophistication of cyberattacks and cyber adversaries2. Widening cybersecurity skills gap3. Lack of intelligence and operational information sharing4. Keeping up with regulatory changes and uncertainty5. Underinvestment and lack of business buy-in Below, expert insights into these five challenges, as well as paths forward for the medical […]

Leave a Comment

Hospital Operator Takes Network Offline After Major Cyberattack

A Californian hospital operator has made the move to take is network offline after it was hit by a major cyberattack.  Reports state that the Scripps Health computer network that operates across half a dozen hospitals and a number of outpatient facilities in the San Diego, California area was forced to move to offline procedures […]

Leave a Comment

Connected medical devices brought security loopholes mainstream

Connected medical devices are proving essential amidst today’s new normal, but their mainstream adoption has also brought security loopholes to the fore. Fragmented systems have given rise to information silos and unencrypted devices, with hackers increasingly targeting health organizations and hospitals as a result. It is worth considering what cybersecurity leaders can do as data […]

Leave a Comment

The M.D. Anderson Case and the Future of HIPAA Enforcement

The U.S. Court of Appeals for the 5th Circuit just issued a blistering attack on HIPAA enforcement by the U.S. Department of Health and Human Services (HHS). In University of Texas M.D. Anderson Cancer v. Department of Health and Human Services (No. 19-60226, Jan. 14, 2001), the 5th Circuit struck down a fine and enforcement action by HHS as […]

Comments (1)

Exploiting Medical Information Systems

Leave a Comment

Health Insurer Fined $5.1M For 17-Month-Long Data Breach

An American health insurer has been fined $5.1M for a potential HIPAA violation after a data breach saw more than 9.3 million customers impacted and their personal health information potentially accessed.  The health insurer was fined after news of a 17-month data breach came to light, which forced the Excellus Health Plan, Inc. to pay […]

Leave a Comment

Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps

Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. Source: Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps Healthcare privacy and security Enter […]

Leave a Comment

Cyberattacks against hospitals increased over 1000% last year

Cyberattacks against hospitals increased over 1000% last year : cybersecurity IICS Delhi Ethical Hacking Digital Forensics services Source: Cyberattacks against hospitals increased over 1000% last year What happens when hackers attack a hospital?  Subscribe in a reader

Leave a Comment

8 tactics for mobile data privacy and security

By Mary Mosquera With the sweeping use of mobile devices by healthcare providers, physicians and hospitals need to embrace best practices for protecting sensitive patient data, privacy experts say. For example, encrypt sensitive data when it is necessary to store on wireless devices. Sixty-four percent of physicians own a smartphone and one third of them […]

Leave a Comment

HIPAA poses greatest compliance challenges for information security

The Health Insurance Portability and Accountability Act (HIPAA) is the most challenging information security regulation for businesses to implement, according to a survey by IT management products firm Ipswitch. According to an Ipswitch survey of 100,000 network administrators, 38.2% said that HIPAA was the most challenging information security regulation to implement, followed by the Sarbanes-Oxley […]

Comments (2)

Due diligence is the cost of doing business for healthcare

According to an estimates, the Healthcare in US may be vulnerable to $6 billion annually from data losses in various forms. A survey done by the privacy and data-management firm Ponemon Institute found that Healthcare organizations are still using primitive data management techniques and run the risk of spending an average of US $1 million […]

Leave a Comment

Risky business

Image by purpleslog via Flickr By Mary Mosquera Last year’s HITECH Act toughened the rules and enforcement penalties health information handlers must follow to protect patient privacy. Under the new policy regime, providers will have to pay more attention to the confidentiality and safety of patient information as they move more of their operations toward […]

Leave a Comment

Security glitch exposes WellPoint data again

Image via Wikipedia By Tom Murphy INDIANAPOLIS – WellPoint Inc. has notified 470,000 individual insurance customers that medical records, credit card numbers and other sensitive information may have been exposed in the latest security breach of the health insurer’s records. The Indianapolis company said the problem stemmed from an online program customers can use to […]

Leave a Comment

OCR draft guidelines for security risk analysis

Image by veeliam via Flickr The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information. The security rule of the Health Insurance Portability and Accountability Act (HIPAA) requires that providers, payment plans […]

Comments (2)

Healthcare ID theft may rise with digital records

By Margaret Collins BLOOMBERG NEWS Sierra Morgan was billed $12,000 on her health care credit card in November for liposuction, a procedure she never requested or received. “It’s depressing to know that someone used my name and knows so much about me,” said Morgan, 31, a respiratory therapist from Modesto, Calif. There were more than […]

Comments (1)

NorCal’s John Muir hospital warns of breach

Image by Sparticus via Flickr The Associated Press Posted: 04/06/2010 08:31:15 AM PDT WALNUT CREEK, Calif.—More than 5,000 patients in the John Muir hospital system have been warned of a potential security breach after two laptop computers that contained personal and health information were stolen. The laptops were stolen from a perinatal office in Walnut […]

Leave a Comment

HITECH Act increases HIPAA security requirements

by Marcia Savage The health care industry was buzzing with the news: For the first time ever, a hospital was being audited for compliance with HIPAA security requirements. The audit of Piedmont Hospital in Atlanta by the U.S. Department of Health and Human Services’ inspector general in 2007 was surprising for hospitals, health insurers and […]

Leave a Comment

UCSF laptop containing patient files stolen

Image via Wikipedia The Associated Press SAN FRANCISCO—The medical records of more than 4,000 patients at the University of California, San Francisco may have been compromised after a laptop they were on was stolen. Officials with the university said Wednesday the laptop was recovered earlier this month after it was taken from a medical school […]

Comments (7)

Internet security breach found at UCSF

Image via Wikipedia By Erin Allday, SF Chronicle Hackers may have had access to personal information for about 600 UCSF patients as a result of an Internet “phishing” scam, campus officials said Tuesday. The security breach occurred in September when a faculty physician in the UCSF School of Medicine provided a user name and password […]

Comments (2)

Health Net healthcare data breach affects1.5 million

Image via Wikipedia Here we have another unnecessary major security breach in a large healthcare organization which resulted in a loss of patient data demonstrating poor baseline security. They clearly are not ready for the new HIPAA provision ARRA and HITECH. Review my threats page and evaluate your current business and system risks to make […]

Comments (14)