Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Hackers were inside an Iowa hospital’s network for two weeks
St. Anthony Regional Hospital confirmed patient data was taken by cybercriminals, but the August incident is still being investigated.
Microsoft: Ransomware hit nearly 400 healthcare entities this year—a 300% rise since 2015
A study from Microsoft on the impact of ransomware found unaffected nearby hospitals see a rise in stroke and cardiac arrest cases, in addition to an influx of patients.
Feds make it official: Change data breach was the largest in healthcare history, impacting 100M
Updated reporting from HHS shows UnitedHealth Group's estimate that roughly one-third of people in the U.S. would be affected was correct.
CMS contractor takes $1.2M loss after data breach, DOJ lawsuit
Federal Data Solutions allegedly failed to encrypt screenshots of patient data, stored on a server being paid for with Medicare funds.
Boston Children's physician group suffers data breach
Cybercrime group BrianLian took credit for the attack. It has been responsible for over 60 ransomware attacks in 2024 alone.

Lack of security in medical devices, records pose threats to patients

Hacking has made its way into the heart of healthcare, with vulnerabilities in many devices essential to patients. Following a string of hacked medical devices, including pacemakers and insulin pumps, and compromised health data, cyber security is a topic more prevalent than ever for those in healthcare.

March 3, 2017

HHS releases guide on reporting, monitoring cyber security

The Department of Health and Human Services (HHS) has released a letter regarding cyber threats faced by healthcare organizations, including reporting and monitoring practices.

March 1, 2017

Henry Ford, VisionIT offer mobile communication to clinicians

Henry Ford Health System and VisionIT have partnered to offer CareTrail, a mobile application, to improve communication between clinicians. The platform provides clinicians with a tool that offers on-call scheduling, availability updates and additional workflow optimizations.

February 15, 2017

HIMSS 2017: Boehner & Rendell lead list of big-name keynote speakers

It’s time once again for HIMSS to host hospital management engineers, administrators and other industry professionals at its 2017 annual meeting.  HIMSS17—which runs Feb. 19-23 at the Orange County Convention Center in Orlando—is scheduled to include a variety of networking events and educational sessions, headlined by four highly acclaimed keynote speakers. 

January 26, 2017

HIMSS 2017: How one hospital prepared for, and survived, a ‘hacktivist’ cyberattack

Sometimes, hackers aren’t motivated by money when they go after patient records. Luckily for hospitals and health systems, even so-called “hacktivists” can be stopped with the same defenses that fend off other cyberattacks.

January 25, 2017

2016: The year of the data breach

The healthcare system faced an inceasingly common occurance in 2016, with a report by Protenus Breach Barometer claiming there was, on average, one data breach a day.

January 24, 2017

Los Angeles Valley College pays $28,000 ransom after cyberattack

After detecting a cyberattack, the Los Angeles Community College District has paid $28,000 in bitcoin ransom.

January 17, 2017

OCR clarifies HIPAA disclosure after Orlando nightclub shooting

HHS’s Office of Civil Rights (OCR) has clarified that HIPAA’s rules on disclosing protected health information (PHI) are not limited by the sex or gender identity of the patient or their loved ones.

January 12, 2017

Around the web

Cardiovascular Business

Q&A: Why are cardiovascular devices involved in so many recalls? FDA policies may be to blame

Cardiovascular devices are more likely to be in a Class I recall than any other device type. The FDA's approval process appears to be at least partially responsible, though the agency is working to make some serious changes. We spoke to a researcher who has been tracking these data for years to learn more.

Cardiovascular Business

Cardiologist compensation still rising, especially in invasive and interventional cardiology

Updated compensation data includes good news for multiple subspecialties. The new report also examines private equity's impact on employment models and how much male cardiologists earn compared to females.

Cardiovascular Business

FDA’s tirzepatide decision creates uncertainty for patients—and leads to a lawsuit

When drugs are on the FDA’s shortage list, outsourcing facilities can produce their own compounded versions. When the FDA removed tirzepatide from that list with no warning, it created a considerable amount of chaos both behind the scenes and in pharmacies all over the country.

Cybersecurity

Hackers were inside an Iowa hospital’s network for two weeks

Microsoft: Ransomware hit nearly 400 healthcare entities this year—a 300% rise since 2015

Feds make it official: Change data breach was the largest in healthcare history, impacting 100M

CMS contractor takes $1.2M loss after data breach, DOJ lawsuit

Boston Children's physician group suffers data breach

Around the web