CISO

Tracking Common Causes of Recent Health Data Breaches

These incidents, which include ransomware and phishing attacks – as well as misconfigured IT – are the culprits in nearly two-thirds of the 81 major health data breaches that have been added to the U.S. Department of Health and Human Services HIPAA Breach Reporting Tool website so far this year.Those 51 hackingIT incidents affected nearly

[ Read More ]

HHS security policies should focus on incentives, not penalties, health IT leaders say

The federal government needs to provide more resources and incentives to help healthcare organizations better protect their IT systems and data from cyberattacks, according to health IT security leaders.Currently, the Department of Health and Human Services privacy and security standards are too focused on compliance and are unduly punitive to healthcare provider organizations when a

[ Read More ]

Analyzing the $7.5 Million UCLA Health Data Breach Settlement

A proposed $7.5 million settlement of a class action lawsuit filed against ULCA Health in the wake of a 2015 cyberattack that affected 4.5 million individuals stands apart from most other breach-related settlements because it requires the organization to spend a substantial sum on improving its security, says attorney Steven Teppler.Under terms of the settlement,

[ Read More ]

West Michigan doctor’s office hacked, doctors held for ransom

BATTLE CREEK, Mich. Hacked and held for ransom by a computer virus, a doctors office in Battle Creek was forced to close its doors after, doctors said, they refused to pay and their entire system was wiped out.Dr. William Scalf told Newschannel 3 ransomware locked up the system at Brookside ENT and Hearing Center and

[ Read More ]

Beyond the exam room: How data privacy builds patient trust

HIPAA is inextricably linked to patient privacy, but building a trusted, long-term patient relationship goes beyond HIPAA compliance and requires a deeper commitment to keep patient PHI safe and private. The provider-patient trust relationship is the cornerstone of any healthcare practice. But it doesnt stop there.Patients entrust their lives and their intensely personal information not

[ Read More ]

Tiered FDA medical device security guidance concerns industry

The U.S. Food and Drug Administration (FDA) recently released its draft guidance on managing cybersecurity in medical device premarket submissions. In the draft, a two-tiered system for identifying cyber risk is proposed, with higher risk devices falling into Tier 1 while other devices would be of Standard Cybersecurity Risk or Tier 2.

[ Read More ]

750,000 Medtronic Defibrillators Vulnerable to Hacking

As many as 750,000 heart devices made by Medtronic PLC contain a serious cybersecurity vulnerability that could let an attacker with sophisticated insider knowledge to harm a patient by altering programming on an implanted defibrillator, federal officials said today.The Homeland Security Department, which oversees security in critical U.S. infrastructure including medical devices, issued an alert

[ Read More ]

Data breaches result in CEO pay rises, study shows

Description: Bosses are more likely to receive a pay rise after their firm suffers a cybersecurity breach, according to a study by the UK’s Warwick Business School. Security breaches did have a lasting impact on the way firms were run, as they typically paid lower dividends and invested less in research and development up to

[ Read More ]