Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Healthcare hacker sentenced to 10 years in prison
Robert Purbeck, 45, of Georgia was found with data on more than 132,000 individuals taken from various breaches, including multiple providers, a police station and a city government.
Ransomware group deploys ticking clock to threaten Georgia hospital
Memorial Hospital and Manor announced the data breach through Facebook on Nov. 3. The cybercrime group Embargo has taken credit for the incident, claiming to have 1.15TB of stolen information.
Hackers were inside an Iowa hospital’s network for two weeks
St. Anthony Regional Hospital confirmed patient data was taken by cybercriminals, but the August incident is still being investigated.
Microsoft: Ransomware hit nearly 400 healthcare entities this year—a 300% rise since 2015
A study from Microsoft on the impact of ransomware found unaffected nearby hospitals see a rise in stroke and cardiac arrest cases, in addition to an influx of patients.
Feds make it official: Change data breach was the largest in healthcare history, impacting 100M
Updated reporting from HHS shows UnitedHealth Group's estimate that roughly one-third of people in the U.S. would be affected was correct.

Report: Internal actors responsible for most healthcare breaches

Most system breaches that expose protected health information stem from internal actors, according to Verizon’s 2018 Protected Health Information Data Breach Report.

September 5, 2018

Houston hospital fires nurse after posting about measles patient in anti-vaxxer Facebook group

Texas Children’s Hospital has fired a nurse after she posted information about a child testing positive for measles to Facebook. The woman commented about the child’s symptoms in a group dedicated to so-called “anti-vaxxers,” who question the safety and effectiveness of vaccinations.

August 30, 2018

Phishing attack on AU Health exposes information of 417K people

The personal health information of 417,000 people may have been exposed following a phishing attack that targeted Augusta University (AU) Health in Augusta, Georgia.

August 28, 2018

Doctors, patients question privacy of medical records

After a note about a patient and her family was shared with another doctor, one physician looked at the benefits and consequences of having open medical records.

August 24, 2018

Judge approves Anthem's $115M settlement for data breach

Anthem, Inc.'s $115 million settlement for a data breach that exposed the personal information of millions has been approved by a federal judge, according to a report by Bloomberg Law.

August 20, 2018

More healthcare providers purchasing cyber insurance

With an increase of technology in the healthcare industry, providers now have a greater risk of being hacked and patient data being exposed. Due to that growing threat, more physicians are purchasing cyber insurance.

August 20, 2018

Survey: Only 18% of EHR safety guidelines fully implemented

Voluntary guidelines designed to increase the safety of electronic health records (EHRs) have yet to be implemented fully, according to a survey published in the Journal of the American Medical Informatics Association.

August 16, 2018

NIST releases guidelines for securing records on mobile devices

Healthcare organizations wondering how to better secure information can look to the National Cybersecurity Center of Excellence for advice after it recently released a new set of practice guidelines on how to better protect information in electronic health records (EHRs).

August 7, 2018

Around the web

Cardiovascular Business

Payment cuts and beyond: Key takeaways for cardiologists from the 2025 Medicare Physician Fee Schedule

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals.

AI in Healthcare

A modest proposal to rally AI regulators around a simple game plan

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”

Cardiovascular Business

FDA commissioner urges clinicians to join fight against medical misinformation

FDA Commissioner Robert Califf, MD, said the clinical community needs to combat health misinformation at a grassroots level. He warned that patients are immersed in a "sea of misinformation without a compass."

Cybersecurity

Healthcare hacker sentenced to 10 years in prison

Ransomware group deploys ticking clock to threaten Georgia hospital

Hackers were inside an Iowa hospital’s network for two weeks

Microsoft: Ransomware hit nearly 400 healthcare entities this year—a 300% rise since 2015

Feds make it official: Change data breach was the largest in healthcare history, impacting 100M

Around the web