The vast healthcare ecosystem disruption caused by the recent attack on Change Healthcare, which affected more than 100 of the company's IT products and services, underscores the concentrated cyber risk when a major vendor suffers a serious cyber incident, said Keith Fricke, partner at tw-Security.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
Ransomware group Rhysida is offering to sell "exclusive data" stolen from a Chicago children's hospital for $3.4 million on the dark web, while the hospital is still struggling to recover its IT systems, including its electronic health records and patient portal, one month after the attack.
A bipartisan pair of congressmen is again attempting to address long-standing issues of patient safety and privacy - as well as medical errors, inadvertent information disclosures and denied medical claims - which all occur when patients and the health records used to treat them do not match.
When a hospital or clinic is hit with a cyberattack, it often seems as if the electronic health record systems just can't win. Even if the EHR system is not the prime target of the attack, it's still frequently taken off line as the organization responds to the incident. What should entities do?
Accenture has finalized its acquisition of U.K. tech consultancy firm 6point6, which specializes in cybersecurity, cloud and digital transformation solutions. The acquisition will add 6point6's 400 staffers to Accenture in support of its business in the U.K. market.
Creating a culture of cybersecurity across a healthcare enterprise can be challenging, but it’s critical to patient safety. The days of leaving cybersecurity solely on the shoulders of IT departments are long gone as purchasing decisions get made by department heads across the organization, many of which include...
The Biden administration's national cybersecurity strategy emphasizes bolstering critical infrastructure sector protections, including setting minimum security requirements and enhancing collaboration. But observers says the industry needs more resources and a better security posture to comply.
The attorneys general of Pennsylvania and Ohio have slapped a DNA testing lab with HIPAA settlements totaling $400,000 in the wake of a 2021 hack of a legacy database that affected 2.1 million individuals nationwide, including nearly 46,000 consumers in the two states.
As ransomware attacks continue to target the healthcare industry, cyber risk is now patient safety risk. Unfortunately, many cyber risk management programs are woefully understaffed and resource-constrained. As such, leading healthcare CIOs, CISOs, and Supply Chain executives are rapidly automating best practices and...
A combination of three security flaws contained in an open-source electronic health record used mainly by smaller medical practices in the U.S. could allow attackers to steal patient data and potentially compromise an organization's entire IT infrastructure, says a new research report.
With breaches on the rise and the average cost of a healthcare breach reaching a staggering $10.1 million in 2022, third-party risk management is a growing concern in the healthcare industry. Venminder CEO James Hyde offers tips on reducing risk exposure from vendor relationships.
A new Ponemon Research report shows ransomware continues to significantly impact patient safety, according to survey of hospital IT/Security leaders. Over half of respondents indicated that one or more ransomware attacks experienced by their organization resulted in a disruption to patient care. While the most...
Hackers stole and leaked personal data for nearly 270,000 patients and employees of Louisiana's Lake Charles Memorial Health System as part of a ransomware attack for which Hive claimed credit. Patients and regulators have just been informed about the October attack.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action many any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.