Skip to main content

Privacy & Security

By Bernie Monegain | 11:32 am | March 24, 2016
A new 451 Research report found 90 percent of security executives are concerned about threats and 60 percent have experienced breaches. But they also listed attracting talent and investing in security as top barriers. 
By Bill Siwicki | 08:42 am | March 24, 2016
CIO Craig Richardville said Carolinas has reduced its duplicate medical records error rate from 2.9 percent to 0.01 percent using the ID and authentication technology in conjunction with its master patient index.
By Bernie Monegain | 04:53 pm | March 23, 2016
A Government Accountability Office report points to security weaknesses and to Health and Human Services’ incomplete information about how many people are impacted when breaches happen.  
By Bill Siwicki | 12:47 pm | March 23, 2016
A member of the U.S. House of Representatives and a Federal Trade Commission official have called for greater protections against and notifications of ransomware attacks – and bolstered cybersecurity for healthcare overall.
By Bernie Monegain | 11:57 am | March 23, 2016
Chino Valley Medical Center and Desert Valley Medical Center are the latest in a string of attacks that has security experts predicting more ransomware in the near-term. 
By Tom Sullivan | 11:33 am | March 23, 2016
The Office for Civil Rights has launched a new round of HIPAA audits. Will the program succeed in improving privacy and security practices and protecting patient data? Or could it have the opposite impact?  
By Bernie Monegain | 10:47 am | March 22, 2016
Methodist Hospital in Henderson, Kentucky, said that it has regained control of its computer systems and effectively fended off a ransomware attack without paying the cybercriminals. The attack started last Friday, March 18, and lasted five days, during which Methodist officials declared an internal state of emergency and posted this to their website: “Methodist Hospital is currently working in an Internal State of Emergency due to a Computer Virus that has limited our use of electronic web based services.  We are currently working to resolve this issue, until then we will have limited access to web based services and electronic communications.” As of this morning that message remained live and a local TV station is reporting that the FBI is investigating the attack. [Also: Hollywood Presbyterian hack signals more ransomware to come.] In reports last week, Methodist Hospital COO David Park said  that "Depending upon the number of records that were locked, depends upon whether we're going to consider looking into whether we pay anything or not." Methodist Hospital officials also noted the hospital would depend on its back-up system while the main network is locked. A similar attack was levied against Hollywood Presbyterian Medical Center in Los Angeles just last month. In that case, hospital executives paid $17,000 in bitcoin to hackers. And just last week attackers locked down four computers at Ottawa Hospital, after which officials said they had the data backed-up and thus did not need to pay the ransom.   The Institute for Critical Infrastructure Technology, meanwhile, published new research predicting that “in 2016 ransomware will wreak havoc on America’s critical infrastructure community,” and that ransomware is now so prevalent it's creating an economy all its own. Criminals operating in the so-called Ransomware economy, in fact,  savvy criminals are using social engineering and price calculations to target low-risk high-reward victims. [Like Healthcare IT News on Facebook] Ransomware is responsible for 406,887 attempted infections and accounts for a total of approximately $325 million in damages, according to a November, 2015 according to the Cyber Threat Alliance. “In most instances the majority of security and law enforcement professionals would advise against paying the hackers, because, 1) there is no guarantee you will get the decryption key, and 2) there is the fear that it will encourage others to follow suit,” Mac McMillan, cofounder and CEO of security firm CynergisTek, wrote in a commentary published on Healthcare IT News on Feb. 23, after Hollywood Presbyterian was attacked. “I would argue that is easy advice to give if you are not the one looking down the barrel of the ransom note. Until you have walked in those shoes you don't really know what you will do.” Twitter: @Bernie_HITN  
By Jack McCarthy | 10:47 am | March 21, 2016
Ransomware attacks on healthcare and other organizations “will wreak havoc on America’s critical infrastructure community,” according to a new report that also found the malware is now so prevalent it’s creating an economy of its own.
By Bernie Monegain | 11:37 am | March 18, 2016
The Office for Civil Rights used the instances to highlight the importance of holding business associates and research centers accountable to privacy and security laws.
By Jack McCarthy | 10:55 am | March 18, 2016
A hospital official says no patient data was compromised and the IT staff wiped the infected systems clean.