Patient safety and care disruption are now directly in the crosshairs of bad actors in cyberspace, leaving many healthcare leaders to wonder whether their organizations are truly prepared when an incident occurs. In response, healthcare leaders must be able to actively measure the progress, maturity, and effectiveness...
As healthcare becomes increasingly interconnected, web tracking is easy to overlook but could introduce additional risks to patient privacy. Learn about the different kinds of patient data and the seven recommendations for reducing risk to patients, beneficiaries and the organization.
The Biden administration's national cybersecurity strategy emphasizes bolstering critical infrastructure sector protections, including setting minimum security requirements and enhancing collaboration. But observers says the industry needs more resources and a better security posture to comply.
When OrthoVA CIO, Terri Ripley, made the decision to send all non-clinical personnel to work from home in the early days of the pandemic, she knew there were risks but prioritized patient, physician, and staff safety first.
Ripley says they weren’t prepared to have the workforce safely access their systems...
The attorneys general of Pennsylvania and Ohio have slapped a DNA testing lab with HIPAA settlements totaling $400,000 in the wake of a 2021 hack of a legacy database that affected 2.1 million individuals nationwide, including nearly 46,000 consumers in the two states.
Healthcare cybersecurity leaders often say they do a great job of onboarding new partners, but then they add that ongoing monitoring of the relationship falls short. Jon Moore of Clearwater talks about when and where to talk security with partners - and red flags to watch out for.
As ransomware attacks continue to target the healthcare industry, cyber risk is now patient safety risk. Unfortunately, many cyber risk management programs are woefully understaffed and resource-constrained. As such, leading healthcare CIOs, CISOs, and Supply Chain executives are rapidly automating best practices and...
A security risk analysis is not only required by HIPAA but also widely-accepted as a best practice—but today's evolving threats landscape requires more. While every risk identified in a risk analysis may not require mitigation, every risk does require a response. In this eBook, we outline a step-by-step approach...
A combination of three security flaws contained in an open-source electronic health record used mainly by smaller medical practices in the U.S. could allow attackers to steal patient data and potentially compromise an organization's entire IT infrastructure, says a new research report.
With breaches on the rise and the average cost of a healthcare breach reaching a staggering $10.1 million in 2022, third-party risk management is a growing concern in the healthcare industry. Venminder CEO James Hyde offers tips on reducing risk exposure from vendor relationships.
A new Ponemon Research report shows ransomware continues to significantly impact patient safety, according to survey of hospital IT/Security leaders. Over half of respondents indicated that one or more ransomware attacks experienced by their organization resulted in a disruption to patient care. While the most...
As artificial intelligence, or AI, grows in popularity for simplifying workflows and diagnosing patients, healthcare leaders need to understand that AI use is also increasing among cyberattackers and take action to prevent its use for malicious purposes.
Healthcare leaders are increasingly looking to 405(d) Health Industry Cybersecurity Practices (HICP) as their guide to better cyber risk management, thanks to its alignment to the NIST framework and specific practices by organization size. Still, if you're new to 405(d) HICP or just getting started, determining where...
Hackers stole and leaked personal data for nearly 270,000 patients and employees of Louisiana's Lake Charles Memorial Health System as part of a ransomware attack for which Hive claimed credit. Patients and regulators have just been informed about the October attack.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action many any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
