Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Court dismisses UCLA breach lawsuit

A California appellate court threw out a class-action lawsuit against the University of California over a breach that exposed personal information of more than 16,000 patients at the University of California-Los Angeles Health System, according to an Oct. 16 article published in Metropolitan News-Enterprise.

Thumbnail

HIX debate continues, VA privacy efforts fail to impress

This week brought some disturbing news on the privacy and security front with the report that the Department of Veterans Affairs has experienced more than 14,000 privacy breaches since 2010.

3,500 patients impacted in laptop theft

Yet another laptop theft is the source of a breach.

VA leads nation in privacy breaches

The Department of Veterans Affairs (VA) has some explaining to do. From 2010 through May of this year, the organization's employees or contractors were responsible for more than 14,000 privacy breaches.

Unsecure email causes N.C. breach

A North Carolina organization has notified 1,310 patients that protected health information was in an unsecured email sent to a trusted outside source.

Privacy and security certification program launched in Texas

The Texas Health Services Authority and the Health Information Trust Alliance announced a partnership to develop and implement the Texas Covered Entity Privacy and Security Certification Program, according to a joint announcement.

Subcontractor snooping source of Iowa breach

An employee of an Iowa health system's third-party contractor gained unauthorized access to patient records, impacting 1,800 patients.

Stolen laptop source of Wisc. breach

A stolen laptop is the source of a breach impacting 629 patients. 

Around the web

The tirzepatide shortage that first began in 2022 has been resolved. Drug companies distributing compounded versions of the popular drug now have two to three more months to distribute their remaining supply.

The 24 members of the House Task Force on AI—12 reps from each party—have posted a 253-page report detailing their bipartisan vision for encouraging innovation while minimizing risks. 

Merck sent Hansoh Pharma, a Chinese biopharmaceutical company, an upfront payment of $112 million to license a new investigational GLP-1 receptor agonist. There could be many more payments to come if certain milestones are met.