Skip to main content

Privacy & Security

Electronic Health Records
By Bill Siwicki | 04:06 pm | December 19, 2017
Hospital and health system execs discuss hurdles they’re facing as they move into the new year.
Privacy & Security
By Jessica Davis | 11:34 am | December 19, 2017
The global ransomworm attack crippled over 300,000 devices in more than 150 countries in May, including 16 branches of the U.K. National Health Service.
Privacy & Security
By Bill Siwicki | 03:01 pm | December 18, 2017
With attacks continuing unabated and healthcare again expected to be 2018's top cyber target, just 11 percent of providers plan to get a cybersecurity officer in 2018, the new research report finds.
Privacy & Security
By Bill Siwicki | 02:00 pm | December 15, 2017
In response to an ever-worsening cybersecurity environment in healthcare, with an increasing number of cyberattacks on hospitals, health systems and clinics, the American Health Information Management Association has issued new cybersecurity guidelines for healthcare professionals to reference as they seek ways to implement cybersecurity prevention measures. These include actions that can be started immediately as well as comprehensive efforts that require more long-term commitments. The roadmap, tittled, AHIMA Guidelines: The Cybersecurity Plan, was primarily authored by Kathy Downing, vice president, information governance, informatics, privacy and security, at AHIMA, who has the apt Twitter handle @HIPAAQueen. [Also: Precision med is about to have its breakout moment ] “Information governance – the development of an organization-wide framework for managing information throughout its lifecycle and supporting the organization’s strategy, operations, regulatory, legal, risk and environmental requirements – is a critical organizational initiative that healthcare organizations must embrace in order to thrive in the environment of cyber threats and attacks in healthcare today,” Downing wrote. [Also: 2018 is primed for blockchain, big data and cloud computing advancements, all with a better security plan] “The cybersecurity plan is a part of the privacy and security competency and needs to address people, processes and technology," she added. The new cybersecurity guidelines outline 17 steps to completing a successful cybersecurity plan. These steps include: Conduct a risk analysis of all applications and systems. Recognize record retention as a cybersecurity issue. Patch vulnerable systems. Deploy advanced security endpoint systems that provide more effective protections than standard antivirus tools. Encrypt workstations and laptops, smartphones and tablets, and portable media and backup tapes. Improve identity and access management. Refine web filtering (blocking bad traffic). Implement mobile device management (MDM). Develop incident response capability. Monitor audit logs to selected systems. Leverage existing security tools like intrusion prevention system/intrusion detection system (IPS/IDS) to detect unauthorized activities. Evaluate business associates. Improve tools and conduct an internal phishing campaign. Hire an outside security firm to conduct technical and non-technical evaluations. Prepare a “State of the Union” type presentation for an organization’s leaders on cybersecurity. Apply a “defense in depth” strategy. Detect and prevent intrusion. "Review current access control protocols and tighten them up," AHIMA advises. "Another proactive step you can take is to conduct an evaluation or assessment of current security policies. If they have not been updated or modified to account for risks of hacking, this is an action item that should be undertaken." Twitter: @SiwickiHealthIT Email the writer: bill.siwicki@himssmedia.com
Revenue Cycle
By Jeff Lagasse | 12:46 pm | December 14, 2017
Company said it will use the investment to build out its technology platform for hospitals, life sciences organizations and payers can engage in patient-centric value-based care.
Compliance
By Jessica Davis | 03:38 pm | December 13, 2017
After filing for bankruptcy in May, the Florida-based cancer specialty provider also settled with the government for $26 million over false claims allegations.
Electronic Health Records
By Bill Siwicki | 01:21 pm | December 12, 2017
A new report from AMA and Accenture finds phishing is the most common type of attack.
Privacy & Security
By Jessica Davis | 11:53 am | December 12, 2017
New HIMSS Analytics and Mimecast report ranks top cybersecurity strategies hospitals are pursuing for 2018.
SPONSORED Privacy & Security
By Commvault | Commvault | 10:45 am | December 12, 2017
Healthcare organizations are putting their money where their security concerns are.
Privacy & Security
By Jessica Davis | 01:11 pm | December 11, 2017
New Jersey’s Hackensack Sleep and Pulmonary Center at least was able to regain patient files from an offline backup.