CPO

Attempting To Avoid The High Cost Of A Reported HIPAA Breach

Preventing unintended or unauthorized disclosure of protected health information is an ever-present goal of all covered entities and business associates. However, protective firewalls and electronic data security measures are not enough to avoid a potentially costly penalty or settlement amount in the event of a breach. In order to defend against assessment of civil money

[ Read More ]

Medical Device Cybersecurity: Legal Concerns

Healthcare organizations need to consider a number of legal issues when it comes to cybersecurity incidents involving medical devices, says attorney Thomas Barnard of the law firm Baker Donelson. “There are a couple layers that we need to be concerned about,” Barnard says in an interview with Information Security Media Group. “You have individual liabilities

[ Read More ]

Healthcare data breaches caused by hacks are on the rise

Data breaches caused by hacking, so-called IT incidents and unauthorized access are on the rise, with 162% more incidents at healthcare organizations so far in 2017 as there were in all of 2016, according to data from HHS’ Office for Civil Rights.Security experts said that’s because hacking has gotten easier and organizations are now reporting

[ Read More ]

NIST tweaks advice on passwords, says make them easier to remember

They’re difficult to memorize so employees skirt hospital IT rules when conjuring them up anyway, group says. The National Institute of Standards and Technology on Wednesday published new guidance on how to strengthen passwords. Why now? Research shows that the de facto standard practice of requiring users to include a mix of uppercase and lowercase

[ Read More ]

What to know before buying AI-based cybersecurity tools

These tools have evolved in maturity, and there are ways to conduct due diligence to get past the hype. Some artificial intelligence and machine learning proponents present the technologies as if they were manna from heaven, tools that have the capability to replace humans. And it’s not unusual for mere mention of the term “artificial

[ Read More ]

Improving the Cybersecurity of IoT, Medical Devices

The Department of Veterans Affairs and the U.S. Defense Advanced Research Projects Agency are working closely with safety certification and consulting firm UL to improve the cybersecurity of internet of things devices as well as medical devices procured by the government. The effort could yield benefits to the private sector as well, two researchers explain

[ Read More ]

Biohackers Encoded Malware in a Strand of DNA

WHEN BIOLOGISTS SYNTHESIZE DNA, they take pains not to create or spread a dangerous stretch of genetic code that could be used to create a toxin or, worse, an infectious disease. But one group of biohackers has demonstrated how DNA can carry a less expected threat—one designed to infect not humans nor animals but computers.

[ Read More ]

Anthem Breach Lesson: Why Granular Access Control Matters

Healthcare organizations can learn important lessons from the proposed $115 million settlement in the breach lawsuit against health insurer Anthem, says Bill Fox, a former federal prosecutor. One of the key lessons emerging from the Anthem breach case, which impacted nearly 79 million individuals, is the need for more granular control of access to sensitive

[ Read More ]