How can healthcare organizations better address the many challenges they face involving the security of legacy medical devices? Device security specialist Ben Ransford offers insights on critical steps that can help reduce the risks.
Privacy attorney Adam Greene provides tips for avoiding mistakes when conducting a HIPAA security risk analysis and spells out the essential steps to take.
The organization that manages IT for Singapore's public healthcare sector says it has terminated, demoted or financially penalized several employees for their roles in the handling of a 2017 cyberattack on SingHealth, the nation's largest healthcare group. What do U.S. security experts think of these measures?
The digital revolution has given healthcare organizations new tools to increase team efficiency and improve their customer experience. But it's also opened up new vectors that cybercriminals can use to attack. As your attack surface expands to web infrastructure that you don't own or control, it becomes increasingly...
Major health data breaches added to the official federal tally in 2018 impacted more than twice as many individuals as the incidents added to the list 2017. But the 2018 victim total was far less than in 2016 and 2015, when the healthcare sector was hit with a string of huge cyberattacks.
Will the Department of Health and Human Services' request for feedback on potential changes to HIPAA eventually result in modifications to the regulation, including certain provisions that touch on privacy and security issues? There's a long road to travel before any changes actually might get made.
In its third enforcement action in recent weeks, federal regulators have hit a Colorado medical center with a HIPAA fine in a case involving failure to terminate a former employee's remote access to patient data. Other organizations can use the case as a "teachable moment," one attorney advises.
The healthcare sector is making progress in moving from a reactive to a proactive approach to cybersecurity as it learns lessons from other sectors, including financial services, says Greg Garcia, executive director for cybersecurity at the Healthcare and Public Health Sector Coordinating Council.
Patient identity management is the prescription for improving remote patient access, portal adoption and patient satisfaction. Forward-thinking enterprises have realized that integrated proven strategies for identity management are a significant factor in success for both patients and providers.
Today's...
Protecting the Department of Health and Human Services' systems, data - and program beneficiaries - from evolving cyberthreats is a top challenge for the agency, according to a new report that recommends action items.
An inside view of what HHS OCR is seeing on the healthcare sector privacy and security landscape, and what the agency has in the works to address those challenges. That includes:
Insights from OCR's latest breach and compliance investigations of covered entities and BAs.
An update on OCR's HIPAA enforcement...
Following the HHS OCR presentation, a panel of CISOs and regulatory and legal experts will dig into how major health data breach trends are changing, and why. For instance:
What lessons can be learned from some of the latest breach trends, including the steady surge in reported hacker incidents
Cybercriminals,...
Some of the biggest health data breaches - including headliner Wall of Shame breaches in 2018 - are due to insiders who click on phishing emails, and fall for business email compromise scams. While there is also plenty of record snooping by insiders, healthcare also has its share of malicious bad actors looking to...
What's the state of healthcare information security, and how are the healthcare sector and government agencies working to address the increasingly complex cyber challenges? Our presenter provides insights into the latest efforts and hot topics, including:
How the sector can implement key cyber recommendations from a...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
