The agency that enforces HIPAA is urging healthcare organizations and their business associates to ramp up their efforts to share information on cyber threats as part of a broader effort to develop more mature information security programs.
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.
Could attitudes about cybersecurity in the healthcare sector be at a tipping point? A new study shows a shift from a focus on compliance to managing business risks, says David Finn, health IT officer at Symantec.
Federal regulators are considering the role that blockchain technology could play in advancing the secure exchange of healthcare information, says Steve Posnack of the Office of the National Coordinator for Health IT, who explains ongoing research efforts.
A pending federal regulation - called for under the HITECH Act - that would allow regulators to share with breach victims money collected in HIPAA violation cases eventually could have implications for class-action breach lawsuits, says privacy attorney Adam Greene.
Major healthcare breaches involving hackers accessing patient information soared in 2016. But now more cybercriminals are shifting their attention to ransomware attacks because of the glut of stolen health information hitting the black market, says Dan Berger of CynergisTek.
To help prepare for ever-evolving cyber threats, healthcare entities need to learn from the security practices of other sectors, says Lucia Savage, former chief privacy officer at the Office of the National Coordinator for Health IT.
An analysis of integrity - a core foundation of cybersecurity - in the era of fake news leads the latest edition of the ISMG Security Report. Also, a new initiative aims to help ensure the security of medical devices and financial institutions in New York face new state cybersecurity regulations.
Because so many healthcare organizations are growing through mergers and acquisitions at a time when cyber threats are multiplying, effective access control is becoming increasingly important - and more complex, says Joe Meyer of the security consulting firm NCC Group.
A new website is now available for reporting medical device vulnerabilities, says Dale Nordenberg, M.D., executive director of the Medical Device Innovation, Safety and Security Consortium, who explains how MD-VIPER works in this in-depth interview.
Plans to launch some onsite HIPAA compliance audits are now on hold while the agency that enforces HIPAA completes more than 200 desk audit reports, says Deven McGraw, deputy director of the Department of Health and Human Services' Office for Civil Rights.
The uptick of ransomware and other cyberattacks in the healthcare sector has prompted healthcare provider RWJBarnabas Health to make a number of important moves to help prevent, detect and respond to breaches, says CISO Hussein Syed.
The Healthcare Information and Management Systems Society's 2017 Conference will offer a slew of educational sessions and informative exhibits focused on top cybersecurity and data privacy challenges facing the healthcare sector. Catch our coverage.