Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

HHS offers security risk assessment tool for smaller practices

A new security risk assessment (SRA) tool from the Department of Health & Human Services is designed to help guide healthcare providers in small to medium-sized offices conduct risk assessments of their organizations.

eBridge earns high marks in rigorous data security examination; Completes HIPAA and SOC 2 third-party assessment

Hosted document management firm eBridge Inc. has successfully completed a rigorous data management security examination by an outside assurance/compliance auditor, and has met the strict compliance requirements of the Health Insurance Portability and Accountability Act (HIPAA) and the Service Organization Control 2 (SOC 2) process.

Thumbnail

Stanford Hospital, associates to pay $4.1M to resolve data breach lawsuit

Calif.-based Stanford Hospital & Clinics and two of its vendors, Multi-Specialty Collection Services and Corcino & Associates, are required to pay more than $4.1 million to settle a class action lawsuit involving a health data breach.

Thumbnail

N.J. hospital invests in patient matching technology

In an effort to solve challenges in patient matching, Saint Peter’s University Hospital, based in New Brunswick, N.J., signed a three-year agreement with Malta Systems for use of its patient health identity solution, Privasent.

Indian Health Service fails testing of IT security

The Indian Health Service failed a penetration test of its computer network conducted last June by the Department of Health & Human Services’ Office of Inspector General.

Secret Service investigating Detroit patient data breach

The U.S. Secret Service is investigating a breach of personal patient information at two Detroit-area hospital systems, according to Detroit Free Press.

Colo. hospital hacked, impacting 5,400 patients

A Colorado hospital is dealing with the aftermath of computer hackers who inserted a virus on the hospital's system last September, impacting 5,400 patients.

Thumbnail

HITRUST, HHS to offer monthly cyber threat briefings

Starting next month, health industry consortium HITRUST and the Department of Health & Human Services will conduct monthly cyber threat briefings to help organizations better understand current and probable cyber threats and share best practices for cyber threat defense and response.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.