Skip to main content

Privacy & Security

Privacy & Security
By Diana Manos | 12:30 pm | December 19, 2018
Also of concern in a new vendor survey are in-network incidents and increasing time to detection.
Privacy & Security
By Beth Jones Sanborn | 04:38 pm | December 18, 2018
According to a new report from Kaspersky Lab, healthcare employees in the U.S. and Canada not only admit their organizations have fallen victim to ransomware cybersecurity attacks, they also claim it wasn’t a one-time occurrence. The report, titled “Cyber Pulse: The State of Cybersecurity in Healthcare,” stems from a survey conducted by research firm Opinion Matters that included 1,758 healthcare employees in roles ranging from doctors and surgeons to administration and IT staff. All were located in the United States and Canada. WHY IT MATTERS The findings expose a “continuous pattern of ransomware cybersecurity attacks plaguing organizations” in the healthcare industry. It also shed light on employee perceptions and behaviors. Among the results, one important finding showed that organizations don’t always learn their lesson the first time around. Of the respondents who stated they were aware a ransomware cybersecurity attack had taken place in their organization, 33 percent noted that it had happened more than once. THE TREND Just this year, there have been more than 100 hacking/IT-related healthcare organization incidents affecting 500 or more individuals, according to the U.S. Department of Health and Human Services, tasking healthcare IT staff with the monumental challenge of preventing future incidents in their own systems. More than one-in-four healthcare IT employees in North America admitted their employer has experienced a ransomware cybersecurity attack within the past year and of those healthcare employees aware of a cyberattack occurring, 85 percent of Canadians and 78 percent of Americans said their organizations had fallen victim to up to five ransomware cybersecurity attacks in the past five years or more, showing missed opportunities to learn lessons and implement new best practices. The repeated attacks, however, are not for lack of caring on the part of employees, the survey said. In fact, for 71 percent of responding employees, the top reason healthcare employees cared about having cybersecurity measures in place at their organizations was to protect patients, followed by 60 percent who said they wanted to protect people and organizations they work with. Finally, and nearly a third of respondents said they didn’t want to lose their job thanks to not having adequate cybersecurity measures. Additionally, employees are willing and able to be vigilant, with 57 percent of employees of very small businesses saying they would report a suspicious email to their employer’s IT team, as opposed to almost three quarters of those working at small or medium businesses and 79 percent of employees working at enterprises. ON THE RECORD “Through our study, we found that healthcare employees in North America were confident that their organization would not suffer a data breach in the forthcoming year, but whether they realize it or not, their industry is suffering hundreds of breaches a year,” said Rob Cataldo, vice president of enterprise sales at Kaspersky Lab. “Healthcare companies have become a major target for cybercriminals due to the successes they’ve had, and repeatedly have, in attacking these businesses. As organizations look to improve their cybersecurity strategies to justify employee confidence, they must examine their approach. Business leaders and IT personnel need to work together to create a balance of training, education, and security solutions strong enough to manage the risk.”   Twitter: @BethJSanborn Email the writer: beth.sanborn@himssmedia.com
Blockchain
By Mike Miliard | 03:01 pm | December 14, 2018
Could distributed ledger technology offer the promise of real-time EHR updates, seamless interoperability and protection from ransomware?
Blockchain
By Diana Manos | 12:48 pm | December 14, 2018
European Union Blockchain Observatory & Forum, says that, while there are tensions and some uncertainty about how to protect data and use blockchain under GDPR, there are still ways to accomplish it.
Compliance
By Mike Miliard | 05:01 pm | December 11, 2018
Two healthcare leaders from Germany offer best practices for assessing privacy and security posture – not just for EU legal requirements, but because it's the right thing to do.
IT Infrastructure
By HIMSS TV | 03:43 pm | December 11, 2018
To protect the NHS' national critical infrastructure against hacktivists, major crime organizations and nation states, there needs to be further collaboration between key stakeholders, says AbedGraham's healthcare cybersecurity expert Dr. Saif Abed.
HIE
By Benjamin Harris | 11:37 am | December 11, 2018
Health Secretary Matt Hancock says shedding the legacy paper-based devices will improve privacy and security concerns, and enable better data sharing.  
Blockchain
By Mike Miliard | 10:51 am | December 11, 2018
Attorneys offer their perspective on the privacy and compliance issues faced by the technology and how it squares, or not, with laws such as HIPAA and GDPR.
Electronic Health Records
By HIMSS TV | 05:17 pm | December 06, 2018
Chief Development Officer at Finland’s UNA Plan Pirkko Kortekangas says that data privacy is a priority, but sharing information is key when searching for medical solutions.
Patient Engagement
By Mike Miliard | 04:14 pm | December 05, 2018
The 22-year-old privacy law should be updated for a mobile tech-centric and data-driven world, the information management and medical informatics groups said.