HIPAA | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

HIPAA

Report: More than 3M Patient Records Breached in Second Quarter of 2018

August 8, 2018  |  Heather Landi
news
More than 3.14 million patient records were breached in 142 disclosed health data breach incidents during a three-month span from April to June 2018, according to new data released in the Protenus Breach Barometer.

UnityPoint Health Notifies 1.4M Patients of Data Breach Caused by Phishing Attack

July 31, 2018  |  Rajiv Leventhal
news
UnityPoint Health, a health system based in Des Moines, Ia., has let about 1.4 million patients know that their personal and health information may have been compromised, according to a press release from the organization.

What Can the Industry Learn from Recent High-Profile Healthcare Cyber Attacks?

July 26, 2018  |  Heather Landi
article
While a recent report found that healthcare ransomware attacks declined in the first half of 2018, a spate of recent high-profile cybersecurity incidents serves as a stark reminder that healthcare continues to be a ripe target for cyber attacks.

Analysis: Healthcare Ransomware Attacks Decline in First Half of 2018

July 18, 2018  |  Heather Landi
news
In the first half of 2018, ransomware events in major healthcare data breaches diminished substantially compared to the same time period last year, as cyber attackers move on to more profitable activities, such as cryptojacking, according to a new report form...

Healthcare Data Breach Costs Remain Highest at $408 Per Record

July 13, 2018  |  Heather Landi
news
The cost of a data breach for healthcare organizations continues to rise, from $380 per record last year to $408 per record this year, as the healthcare industry also continues to incur the highest cost for data breaches compared to any other industry, according...

Survey: Majority of Health IT Execs See Insider Breaches as Growing Threat

July 10, 2018  |  Heather Landi
news
While media headlines tend to focus on external breaches and would-be hackers, the overwhelming majority of IT professionals at healthcare provider organizations see insiders as an equal or greater threat to unwanted exposure of sensitive data, according to a...

Data Breach at Health Billing Company Exposes PHI of 270,000 People

June 22, 2018  |  Heather Landi
news
A healthcare data breach at Med Associates, a Lathan, N.Y.-based health billing company, that may have exposed the protected health information (PHI) of 270,000 people, according to local media reports.

House Passes Bill to Align HIPAA, 42 CFR Part 2

June 22, 2018  |  David Raths
news
The U.S. House of Representatives recently passed a bill designed to align 42 CFR Part 2 with HIPAA for the purposes of health care treatment, payment, and operations. One goal of the change is so that care can be better coordinated and providers can have...

Judge Rules in Favor of OCR and Upholds $4.3M Fine for MD Anderson

June 19, 2018  |  Heather Landi
news
Houston-based The University of Texas MD Anderson Cancer Center must pay $4.3 million in fines stemming from three separate breaches involving unencrypted electronic devices that exposed patient data for 33,500 patients, according to an administrative law judge...

Report: Cyber Attacks on the Rise and Evolving, as Ransomware Declines

June 14, 2018  |  Heather Landi
news
Cyberthreats are continuing to increase and shift, and even though ransomware attacks are significantly declining, cyberattacks are on the rise, according to a new report from the global association ISACA.

Dignity Health Reports Email Data Breach Incident Affecting 56,000 Patients

June 8, 2018  | 
news
San Francisco-based Dignity Health, and one of its business associates, reported an unauthorized access/disclosure incident impacting the medical records of 55,900 patients.

CIO Survey: Slow Migration to the Cloud Due to Ongoing Security, Privacy Concerns

May 30, 2018  |  Heather Landi
news
Hospital information executives cite cloud hosting as one of their organizations’ top priorities, yet the transition to the cloud is happening slowly as many CIOs continue to have concerns about compliance as well as data security and privacy, according to a new...

HITRUST Provides NIST Cybersecurity Framework Certification

May 23, 2018  |  Heather Landi
news
The Health Information Trust Alliance (HITRUST), security and privacy standards development and accreditation organization, announced this week a certification program for the National Institute of Standards and Technology's (NIST) Cybersecurity Framework (...

Guest Blog: Mac McMillan on Why Improving Cyber Readiness is a Business Imperative

May 12, 2018  |  Mac McMillan
article
The AMA’s recent recommendation to HHS to eliminate its data security risk assessment requirement was a major misstep, as it failed to take into account how fundamental such work is in the current environment, argues cybersecurity expert Mac McMillan

OIG Report Finds Flaws in Navy, Air Force EHR Security, Handling of Patient Data

May 9, 2018  |  Heather Landi
news
An investigation into security protocols at several U.S. Navy and Air Force hospitals and clinics found a number of serious security vulnerabilities that left electronic health record (EHR) systems and patient data unprotected from unauthorized access and...

House Seeking Stakeholder Feedback on Addressing Cyber Risks of Legacy Health IT

April 25, 2018  |  Heather Landi
news
The House Energy and Commerce Committee is seeking input and feedback from healthcare industry stakeholders on how to address cybersecurity vulnerabilities in legacy healthcare IT technologies and medical devices.

One Consultant’s Take on GDPR and How It Raises the Stakes for U.S. Healthcare Organizations

April 23, 2018  |  Heather Landi
article
The General Data Protection Regulation goes into effect May 25. John Barchie, a senior fellow at Arrakis Consulting, discusses the implications for U.S. healthcare organizations and what steps organizations should be taking now to be GDPR-compliant.

FDA Announces Plan to Advance Medical Device Safety and Cybersecurity

April 18, 2018  |  Heather Landi
news
The Food and Drug Administration (FDA) has announced new proposals aimed at advancing medical device cybersecurity, including placing new responsibilities on manufacturers, both before and after their devices hit the market.

At Lakeland Health, IT Leaders are “Changing the Storyline” on Cybersecurity and Seeing Significant Results

April 17, 2018  |  Heather Landi
article
Lakeland Health earned semifinalist status in the 2018 Healthcare Informatics' Innovator Awards program based on an enterprise-wide initiative to improve the organization's cybersecurity program, with cultural change being a key focus.

Report: Majority of Hackers Can Breach a Hospital’s Perimeter in Under Five Hours

April 12, 2018  |  Heather Landi
news
Hackers can complete an entire data breach in under 15 hours, which includes exfiltrating data, according to a recent report, and 23 percent of hackers say they can complete a breach of a hospital or healthcare organization under five hours.

The Federal Message is Loud and Clear: It’s Time for Patients to be Truly Empowered

April 11, 2018  |  Rajiv Leventhal
commentary
Government health IT officials are serious about creating a true market for healthcare in which patients are engaged and empowered. Will their message hit home?

Healthcare Industry Rife with Error and Misuse, Verizon Data Breach Report Finds

April 10, 2018  |  Rajiv Leventhal
news
Healthcare is the only industry in which there were more internal actors behind cyber incidents than external in the last year, according to Verizon’s 2018 Data Breach Investigations Report (DBIR).

Healthcare IT Security Teams Struggle with Basic Hygiene of Patching, Survey Finds

April 6, 2018  |  Heather Landi
news
A recent survey of IT security leaders across a range of industries identified a security “patching paradox,” in which organizations plan to hire more resources for vulnerability response, yet most organizations are still using inefficient patching processes.

Survey: 69 Percent of Providers Plan to Move More Data to the Cloud

April 6, 2018  |  Heather Landi
news
Most healthcare providers store sensitive data, such as electronic protected health information (ePHI), personally identifiable information (PII) and financial data, in the cloud, yet only a few of them have pervasive visibility into who is accessing that data,...

Report: Exposed Medical Devices, Supply Chain Attacks Pose Major Cyber Risks

April 5, 2018  |  Heather Landi
news
This coming May marks the anniversary of the WannaCry attack, yet, a year later, researchers found that the scare of ransomware may not have resulted in more secure healthcare environments, rather the attack surface has only expanded.

Survey: 79 Percent of Healthcare Pros Concerned About Cybersecurity of Personal Data

March 28, 2018  |  Heather Landi
news
The results of a new survey have found that even professionals who work in the healthcare industry are concerned about the cybersecurity of their own healthcare information.

Amid Leadership Changes at HHS, Former Deputy CISO Speaks Out on Cybersecurity Center Controversy

March 26, 2018  |  Heather Landi
article
Over the past seven months, there have been a number of events that have upended top technology and cyber leadership at HHS, and some healthcare leaders and lawmakers are questioning the status of HHS’s cyber operations center, which launched just last June.

Media Report: Finger Lakes Health Paid Ransom, Restoring Systems After Cyber Attack

March 26, 2018  |  Heather Landi
news
According to an article in the Finger Lakes Times posted Sunday, Finger Lakes Health officials confirmed on Friday that a payment was made following the “ransomware” attack that disabled the health system’s electronic systems for about a week.

Three Myths About Cyber Insurance

March 26, 2018  |  Daniel Casey, president and CEO, Peoples United Insurance Agency
article
Given the escalating number of attacks and increasing financial costs, the rate of cyber insurance adoption is somewhat surprising. There are three myths about cyber insurance that are keeping more businesses from adding these policies.

Finger Lakes Health’s IT Systems Still Down Following Ransomware Attack

March 22, 2018  |  Heather Landi
news
Finger Lakes Health, a three-hospital healthcare delivery system in Geneva, New York, continues to use manual and paper processes following a ransomware attack over the weekend, according to local media reports.

Pages

Subscribe to HIPAA