Healthcare cybersecurity leaders often say they do a great job of onboarding new partners, but then they add that ongoing monitoring of the relationship falls short. Jon Moore of Clearwater talks about when and where to talk security with partners - and red flags to watch out for.
A ransomware incident last fall that disrupted some of hospital chain CommonSpirit's operations for at least a month has cost the organization $150 million in lost revenue, remediation and other expenses so far. CommonSpirit also likely faces additional legal expenses.
Federal authorities are urging healthcare sector entities to take steps to protect their web applications, connected devices and other critical systems against distributed denial-of-service attacks. The warning comes weeks after a wave of DDoS attacks from Russian nuisance hacking group KillNet.
Community Health Systems has reported to the U.S. Securities and Exchange Commission that a security incident involving vendor Fortra's GoAnywhere secure file transfer software has compromised the data of about 1 million patients. Did attackers exploit a recent zero-day vulnerability?
Federal regulators said true health data interoperability is on its way for hundreds of millions of American patients now that six tech providers have committed to a rigorous set of trust and security criteria for swapping patient information. The agreement is a milestone years in the making.
Before healthcare entities can promise advanced identity and access management technologies and practices, their IAM programs need to address important fundamentals, which many entities still struggle with due to the complexity of healthcare itself, says Erik Decker, CISO of Intermountain Health.
As ransomware attacks continue to target the healthcare industry, cyber risk is now patient safety risk. Unfortunately, many cyber risk management programs are woefully understaffed and resource-constrained. As such, leading healthcare CIOs, CISOs, and Supply Chain executives are rapidly automating best practices and...
Regal Medical Group, one of the largest medical groups in Southern California, has reported that a December ransomware incident involving data exfiltration has potentially compromised the protected health information of more than 3.3 million individuals.
Multiple government agencies in the U.S. and South Korea issued a joint alert warning critical infrastructure sectors - and especially the healthcare sector - of ongoing ransomware threats involving North Korean state-sponsored cybercriminals.
A group of bipartisan U.S. senators is seeking answers from three telehealth companies about their data tracking and sharing practices. The move comes as privacy and security concerns about broader data sharing by technology firms also are growing.
An Ontario hospital says it is operating under "Code Grey" as it deals with a cybersecurity incident that occurred over the weekend. Meanwhile, hospitals in Maryland and Florida say they are still recovering from cyberattacks that hit last week and continue to affect a variety of patient services.
Cedars-Sinai Medical Center in Los Angeles has joined a growing list of organizations being sued for allegations that its use of website tracking codes is unlawfully sharing individuals' personal and health information to third-party social media and marketing companies.
During the height of the coronavirus pandemic, mergers and acquisitions in the healthcare sector slumped, but they now appear to be slowly rebounding. What does this mean in terms of potential security risks that organizations undergoing consolidation face?
A security risk analysis is not only required by HIPAA but also widely-accepted as a best practice—but today's evolving threats landscape requires more. While every risk identified in a risk analysis may not require mitigation, every risk does require a response. In this eBook, we outline a step-by-step approach...
A Florida healthcare system says it is diverting emergency patients and is only accepting certain Level 1 trauma cases while it deals with an "IT security incident." Meanwhile, a Maryland hospital is responding to its own ransomware incident.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
