Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

FBI seeking extradition of Israeli prisoner accused of $500M in ransomware attacks
Rostislav Panev is facing fraud and cybercrime charges in Israel, where he has been accused of being a software developer for hacker group LockBit.
Data breach at chain of clinics impacts 450K patients
The Center for Vein Restoration has notified patients about a data breach that occurred in October, exposing financial and medical information on patients from across the U.S.
Nebraska becomes first state to sue Change Healthcare over data breach
State Attorney General Mike Hilgers said he decided to sue because of Change Healthcare's evident carelessness as well as its slowness to inform potential victims.
Christmas ransomware exposed over 300K patient records to dark web
Last Christmas, Anna Jaques Hospital in Massachusetts suffered a ransomware attack. Now, nearly a year later, it confirms hackers stole personal information on 316,342 patients.
Cryo-frozen tissue manufacturer suffers cyberattack
In an SEC filing, Artivion did not provide a lot of specifics. However, the incident appears to be a ransomware attack.

Are you ready for an MU audit? Advice from Adventist Health System

Providers attesting to Meaningful Use are required to complete security risk assessments, but many may be falling short, said Sharon Finney during a presentation at the Privacy and Security Forum hosted by the Health Information and Management Systems Society and Healthcare IT News. 

December 17, 2012

Health IT security is 'a collective problem'

Health IT’s integration into clinical practice will continue growing and it’s time for healthcare to commit to making a connected health landscape safer, according to Tim Zoph, keynote speaker at the Privacy and Security Forum hosted by the Health Information and Management Systems Society and Healthcare IT News.

December 17, 2012

Lessons learned when Health IT advisory company realizes own vulnerabilities

A consulting firm well-versed in the importance of health information privacy was forced to dive deep into the murky issues surrounding health information security when it experienced a breach of its own, Micky Tripathi said during a Dec. 14 presentation at the Privacy and Security Forum hosted by the Health Information and Management Systems Society and Healthcare IT News.

December 14, 2012

Rodriguez: Privacy & security efforts must be 'ongoing exercise'

Patients want to text and call their doctors but our security needs have not caught up to patient demands, said Leon Rodriguez, director of the Office of Civil Rights (OCR).

December 13, 2012

Email intruder causes N.C. hospital data breach

Approximately 5,600 patients of Carolinas Medical Center-Randolph are impacted by a data breach caused by an unauthorized electronic intruder who obtained incoming and outgoing emails from a provider's account without the provider's or the hospital's knowledge.

December 11, 2012

Survey: 94% of providers had data breach in past two years

Almost all healthcare organizations surveyed suffered at least one data breach during the past two years. The Third Annual Benchmark Study on Patient Privacy & Data Security by Ponemon Institute, sponsored by ID Experts, found that 94 percent of those organizations surveyed suffered at least one breach and 45 percent experienced more than five data breaches.

December 6, 2012

Certification for HIT security, interoperability unveiled

A standards partnership offers a new certification program designed to assure the security and interoperability of health IT.

December 5, 2012

HITRUST: Little improvement in data breach prevention since 2009

The healthcare industry has made little progress in controlling data breaches, according to the Health Information Trust Alliance's (HITRUST) analysis of U.S. healthcare data breaches since 2009.

December 5, 2012

Around the web

Cardiovascular Business

FDA says years-long tirzepatide shortage is resolved, will give limited leeway to compounders

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

AI in Healthcare

From Capitol Hill to a hospital near you? 5 federal recommendations for healthcare AI policy

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks.

Cardiovascular Business

Merck spends up to $2B to license new weight loss drug with potential heart benefits

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.

Cybersecurity

FBI seeking extradition of Israeli prisoner accused of $500M in ransomware attacks

Data breach at chain of clinics impacts 450K patients

Nebraska becomes first state to sue Change Healthcare over data breach

Christmas ransomware exposed over 300K patient records to dark web

Cryo-frozen tissue manufacturer suffers cyberattack

Around the web