Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Report details healthcare's dismal cybersecurity

Networks and internet-connected devices of organizations in virtually every healthcare category, including hospitals, insurance carriers and pharmaceutical companies, have been and continue to be compromised by successful cyberattacks, according to an analysis of malicious traffic by The SANS Institute.

HIMSS14 Pre-Conference Symposium on Identity Management, Privacy and Security Features Hospital Practitioners, Healthcare Association Leaders

PRINCETON JUNCTION, N.J., Feb. 18, 2014  -- HIMSS14 attendees interested in learning best practices for healthcare identity management, privacy and security should attend the full-day educational symposium, "Privacy and Security: Challenges and Opportunities in Healthcare Identity," featuring leading hospital practitioners and healthcare association speakers. The symposium, hosted by the Smart Card Alliance Health and Human Services Council, will take place on Sunday, Feb. 23, 2014 at the HIMSS14 Annual Conference and Exhibition in Orlando, Fla.

Coalfire Launches Online Exchange for HIPAA Compliance and Risk Management

DENVER, Colo. – Jan. 15, 2014 – Coalfire announced today the launch of HIPAAcentral, a new compliance exchange that provides a comprehensive suite of services for covered entities and business associates and their subcontractors to manage, maintain and exchange healthcare regulatory compliance.

WEDI offers breach notification guidance

Healthcare organizations have been experiencing data breaches at record rates. To help, the Workgroup for Electronic Data Interchange has published guidance on required steps to take to determine if a breach of protected health information must be reported to affected patients and the Department of Health and Human Services.

NIST releases cybersecurity framework

The National Institute of Standards and Technology has released a cybersecurity framework groups can use to create, assess or improve comprehensive cybersecurity programs. 

Healthcare sector accounts for 43 percent of recorded breaches

The healthcare sector accounted for 43 percent of the 619 breaches the Identity Theft Resource Center recorded in 2013. This is the first time that healthcare industry breaches have surpassed those in the business sector since 2005, according to an ITRC report.

Redspin Reports on the "State of Healthcare IT Security"

CARPINTERIA, Calif., Feb. 5, 2014--Redspin, Inc., a leading provider of penetration testing and IT security assessments, today released its annual Breach Report 2013 – Protected Health Information. In the report, Redspin provides in-depth analysis of the complete history of PHI data breaches reported to the Department of Health and Human Services (HHS), identifies current trends, and highlights the specific areas most in need of improvement.

Report: Security incidents cost U.S. hospitals over $1.6B annually

The annual organizational cost associated with security breaches, data loss and unplanned outages for healthcare providers exceeds $1.6 billion for U.S. hospitals, according to a report from MeriTalk, a Va.-based public-private partnership.

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.