Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Security staff shortages, new tech raising risk of breaches

A shortage of information security professionals is having an adverse impact on healthcare and other industries, even as growth in mobile devices and social media are increasing vulnerabilities.

HITRUST working group targets cyber threats

The Health Information Trust Alliance (HITRUST) is stepping to the plate to support a Feb. 12 White House Cybersecurity Executive Order that calls for enhanced government and industry collaboration against ongoing cyber threats.

Ga. hospice loses laptop

It's unclear how many patients of Heyman HospiceCare in Rome, Ga., were impacted by the loss of a non-encrypted laptop left in the car of an employee.

Wisconsin breach potentially impacts 43K

A computer virus is the cause of a data breach impacting 43,000 patients of Froedtert Health, based in Milwaukee, Wis. The organization informed patients that the virus left patients’ data vulnerable in December, 2012, according to TMJ4 news. The virus may have allowed someone to access patient files through a staff member's computer.

Survey indicates fewer small breaches but bigger overall impact

A new report suggests some improvement in healthcare data breaches in 2012 compared with previous years but that's no reason to lighten up on privacy and security efforts.

Wis. clinic breach linked to cleaners

A Wisconsin medical clinic that sits close to the border of Minnesota has notified about 2,400 clients of a breach of unsecured personal information.

CMS awards contract for HIPAA transaction testing

Revenue cycle vendor and claims clearinghouse Emdeon will test new iterations of transactions processing standards as they are developed under a contract with the Centers for Medicare & Medicaid Services (CMS) valued at approximately $2 million.

Thumbnail

Weekly roundup: Final privacy rule, finally

Considering we reported on three data breaches this week alone, it seems the final privacy rule couldn't be released soon enough. The final omnibus rule is designed to strengthen the privacy and security protections for health information established under HIPAA, according to the Department of Health and Human Services. The rule enhances patients' privacy protections, provides individuals new rights to their health information and strengthens the government’s ability to enforce the law.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.