Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Human error cause of Calif. children’s hospital breach

Human error was the cause of two breaches at Rady Children’s Hospital-San Diego.

Thumbnail

Planning for a data breach

With covered entities doling out more than $25 million for HIPAA violations, and with more than 30 million individuals affected by data breaches since 2009, organizations need to plan ahead to safeguard their protected health information, said Peter Paulli, CISA, executive consultant at Strategic Advisory Group, during a Beacon Partners webinar.

HHS: 1K breaches have affected 32M people

Since 2009, the Department of Health & Human Services has reported more than 1,000 medical record breaches affecting 500 or more individuals.

Stolen unencrypted drive impacts 34K

A stolen unencrypted USB drive is the source of a breach affecting almost 34,000 patients.

ONC chief privacy officer steps down

Joy Pritts, the Office of the National Coordinator for Health IT’s chief privacy officer, is stepping down effective July 12.

Patient sues Ohio hospital for employee's breach of STD diagnosis

News of a lawsuit filed against the University of Cincinnati Medical Center for sensitive information posted on Facebook by an employee has hit the mainstream media.

Employee error source of Pa. breach

An employee’s actions compromised the protected health information of 1,801 people at the Penn State Milton S. Hershey Medical Center.

Ct. exchange data breach traced to call center worker

Access Health CT, Connecticut's health insurance exchange, has reported a data breach discovered when a call center worker’s backpack was found to contain notebooks with the personal information of about 400 individuals.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.