An Australian software engineer warns that he was able to create a fake digital COVID-19 vaccine certificate via the government's Express Medicare Plus app, and that the agency in charge has so far failed to acknowledge his bug report. He recommends Australia instead copy the EU's QR code system.
After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest multispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals.
The Department of Health and Human Services is seeking comments on how it can improve its security risk assessment tool, which is designed to help smaller organizations conduct assessments as required under HIPAA. Some critics have said the tool is too difficult to use.
Your data is leaking and it's at risk.
Data is a crucial and pervasive asset of any healthcare organization, but to safeguard your most
valuable information—as well as that of your patients—there needs to be a shift in the data security
strategy to protect what really matters: the data itself.
Your data is...
A year ago, Chris Pierson and BlackCloak studied executives at top global pharma companies to learn the extent of password-based vulnerabilities. The findings weren't reassuring. Pierson revisited the study this year with a select few entities to see if the needle has moved in a more secure direction.
In a video...
The Centers for Medicare and Medicaid Services is considering new cybersecurity requirements for hospitals participating in Medicare after a watchdog agency recommended CMS should require the facilities to address the cybersecurity of their networked medical devices.
With no federal privacy law in place, individual states in the US are working to create their own privacy laws to protect their residents. California’s law is already in place, and Virginia just recently passed one of its own. Colorado has a law on the table for voting, while other states are trying repeatedly to...
With a goal of better matching the right patients to all the right medical records, federal regulators have issued new draft technical specifications for standardizing how patients' physical addresses are formatted and represented in health IT systems. But could the effort present new security and privacy risks?
A half-dozen security vulnerabilities recently identified in older versions of the Zoll Defibrillator Dashboard could allow an attacker to take remote control of device management, including executing arbitrary commands, as well as gain access to sensitive information and credentials, CISA warns.
You see the news: how many healthcare entities are struck by ransomware. But how many of them conducted business impact analyses before they were victims? Too few, says Cathie Brown of Clearwater. She discusses the value of doing a BIA before the crisis strikes.
As the U.S. hammers out national infrastructure legislation, implements President Biden's recent cybersecurity executive order and adopts other related initiatives, more attention and funding needs to be allocated to strengthen the healthcare sector's cybersecurity posture, industry groups urge.
The Biden administration's fiscal 2022 proposed budget for the Department of Health and Human Services calls for an increase in spending to protect HHS from evolving cyberthreats as well as funding boosts to support regulatory and enforcement efforts related to health data privacy and security.