Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Ascension reverts to pen-and-paper operations after ransomware attack
Most of Ascension's retail pharmacies nationwide are unable to fill prescriptions or accept payments. During the outage, patients are being given pen-on-paper scripts.
Key trends in enterprise imaging
Radiology is going though a period of disruption with a growing radiologist shortage, decreasing reimbursements and increasing numbers of exams, making workflow efficiency a critical concern.
Ascension confirms ransomware caused service shutdowns, ambulance diversions
Emergency services are back up and running, but many patients will need to reschedule tests and treatments while systems at Ascension remain partially offline.
Six hospital groups urge UnitedHealth to take responsibility for Change Healthcare hack notifications
In a public letter, the groups are urging UnitedHealth Group to announce a timeline for notifying patients about what personal data was stolen in the breach of Change Healthcare's systems.
Ascension experiences disruption of operations after 'cybersecurity event'
A third-party security firm has been brought in to assess what systems were accessed and what data, if any, was taken.

Ill. provider cleared in class-action lawsuit from breach

Advocate Medical Group has been cleared of wrongdoing in a class action lawsuit alleging the organization failed to protect patient data following a massive HIPAA data breach. 

August 18, 2015

Guide aims to help improve security of mobile devices

The National Cybersecurity Center of Excellence has released a draft for public comment of the first guide in a new series of publications that will show businesses and other organizations how to improve their cybersecurity using standards-based, commercially available or open-source tools. 

August 17, 2015

White House ups budget for cybersecurity efforts

The White House issued an update to President Obama's fiscal year 2016 budget request that seeks additional cybersecurity funding for several agencies, including the Department of Health and Human Services and the Department of Veterans Affairs. 

August 14, 2015

This week's 3 privacy & security developments

This week in health IT, there were three interesting developments all centered around the privacy and security of health data.

August 14, 2015

HITPC approves recommendations that drive better understanding of big data's privacy issues

More understanding of the privacy and security issues surrounding big data is needed to advance a learning healthcare system, according to the Health IT Policy Committee’s Privacy & Security Work Group.

August 12, 2015

94M records stolen so far this year

The records of 94 million patients have been stolen from healthcare entities so far this year, according to a report from conservative think tank American Action Forum. 

August 11, 2015

MIE faces class-action lawsuit after cyberattack

EHR vendor Medical Informatics Engineering is facing significant fallout from its recent cyberattack with an Indiana resident affected by the data breach filing a class-action lawsuit in federal court against the company, alleging the vendor did not adequately protect its software from a cyberattack.

August 10, 2015

HHS issues guide of HIPAA basics

In response to ongoing confusion about HIPAA, the Department of Health and Human Services has released a guide covering the basics of the law. 

August 5, 2015

Around the web

AI in Healthcare

About that bipartisan $32B ‘roadmap’ for AI policy: What’s in it for healthcare?

This week Washington took a major step toward nailing down a solid game plan on federal AI spending for everything outside of defense.

Cardiovascular Business

FDA announces new recall of delivery catheters after patient’s death

The recall includes specific lots of five different medical devices used to treat stroke and other neurovascular diseases.

Cardiovascular Business

FDA warns against use of troubled heart devices, citing ‘continued concerns’ after multiple recalls

The agency is urging healthcare providers to transition away from these devices and seek out alternatives. It is even working with other manufacturers to try and get similar products on the market as quickly as possible.

Cybersecurity

Ascension reverts to pen-and-paper operations after ransomware attack

Key trends in enterprise imaging

Ascension confirms ransomware caused service shutdowns, ambulance diversions

Six hospital groups urge UnitedHealth to take responsibility for Change Healthcare hack notifications

Ascension experiences disruption of operations after 'cybersecurity event'

Around the web