Health Care News, Articles and Updates

HHS' Office for Civil Rights instructs its investigators not to overlook smaller breaches

HHS' Office for Civil Rights instructs its investigators not to overlook smaller breaches

By

In a revision of its policies, the U.S. Department of Health and Human Services' Office for Civil Rights has instructed its regional offices to place more of an emphasis on investigating smaller health-care data breaches that affect fewer than 500 individuals.

Records exposed of 650K patients at Bon Secours

Records exposed of 650K patients at Bon Secours

By

Patient records were compromised at Bon Secours, a nonprofit health care provider.

PilotFish source codes selling on dark web, report

PilotFish source codes selling on dark web, report

By

In what is being flagged as a threat to the health care sector, the source code of all of PilotFish Technology's software has been posted to the dark web.

UPDATED: Oregon State Hospital notifies patients of breach

UPDATED: Oregon State Hospital notifies patients of breach

By

Oregon State Hospital's maximum security ward is notifying patients of a data breach.

Advocate Health Care hit with largest HIPAA settlement

Advocate Health Care hit with largest HIPAA settlement

By

Advocate Health Care will pay $5.55 million for a breach that led to the exposure of personally identifiable information of four million patients.

Ransomware targeting healthcare overshadows other sectors

Ransomware targeting healthcare overshadows other sectors

By

An analysis of malicious threats tracked by managed security services provider Solutionary reported that ransomware attacks targeting healthcare companies comprised 88 percent of all ransomware attacks.

Ultrasound theft results in data breach at health care company Kaiser Permanente

Ultrasound theft results in data breach at health care company Kaiser Permanente

By

Health care consortium Kaiser Permanente's Northern California division has publicly disclosed a data breach after two of its employees allegedly stole an unspecified number of ultrasound machines containing protected health information.

Massachusetts General Hospital data breach affects 4.3K patients

Massachusetts General Hospital data breach affects 4.3K patients

By

Fingers are pointing at a third-party vendor as the culpable party behind the exposure of personally identifiable information of 4,300 patients of Massachusetts General Hospital (MGH).

X-ray and MRI machines among devices used as springboards for data breach attacks

X-ray and MRI machines among devices used as springboards for data breach attacks

By

An x-ray machine, an oncology system, an MRI machine: These are all important healthcare devices that researchers found harboring malware capable of installing backdoors on other connected systems for the purpose of exfiltrating data.

Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace

Hacker purportedly selling over 650,000 stolen medical records on dark web marketplace

By

A hacker with the ominous nickname "thedarkoverlord" appears to have stolen more than 650,000 medical records from three separate healthcare institution databases, and has made them available for sale on the darknet online marketplace TheRealDeal.

HHS may copy the DoD's Hack the Pentagon program

HHS may copy the DoD's Hack the Pentagon program

By

Citing the success enjoyed by the DoD's Hack the Pentagon bug bounty program, the HHS is considering using ethical hackers to discover flaws in medical devices and systems.

Healthcare struggles to protect privacy of PHI

Healthcare struggles to protect privacy of PHI

By

As the healthcare industry strives to bring data from different sources together to create longitudinal patient records, organizations must find ways to minimize and de-identify data to better protect its privacy.

Variant of Cerber ransomware features bot capabilities that could launch DDoS attacks

Variant of Cerber ransomware features bot capabilities that could launch DDoS attacks

By

Researchers at endpoint security solutions company Invincea have discovered a new variant of Cerber ransomware that could lock out legitimate users, while still allowing attackers to potentially launch DDoS attacks against other networks.

Ponemon: 89% of surveyed health care orgs breached in last two years; cybercrime top cause

Ponemon: 89% of surveyed health care orgs breached in last two years; cybercrime top cause

By

For the second consecutive year, Ponemon Institute's annual study on the state of security and privacy in health care found that cybercrime was the leading cause of data breaches among hospitals and other medical providers.

NHS sharing unfiltered medical data on 1.6M patients with Google AI company

NHS sharing unfiltered medical data on 1.6M patients with Google AI company

By

As part of a joint venture to develop groundbreaking healthcare apps, the UK's National Health Service (NHS) has agreed to share new and historical healthcare data on 1.6 million patients with Google's AI company DeepMind.

Cybersecurity Caucus: FDA guidelines protect medical devices from hackers

Cybersecurity Caucus: FDA guidelines protect medical devices from hackers

By

Rep. James Langevin wrote an open letter to the Food and Drug Administration's (FDA) praising draft guidance that would strengthen the cybersecurity of medical devices.

Research: Over 6,000 data breaches in key industry sectors since 2005

Research: Over 6,000 data breaches in key industry sectors since 2005

By

The Identity Theft Resource Center (ITRC) and IDT911 said that to date, the financial services, business, education, government and healthcare industrial sectors have experienced over 6,000 data breaches since 2005.

California ransomware bill supported by Hollywood hospital passes committee

California ransomware bill supported by Hollywood hospital passes committee

By

A proposed California legislation imposing specific penalties for ransomware took a step forward yesterday when the state senate's Public Safety Committee passed the bill at a hearing featuring testimony from Hollywood Presbyterian Medical Center.

Federal court bucks trend, rules general liability insurance covers data breach

Federal court bucks trend, rules general liability insurance covers data breach

By

A federal appeals court upheld a ruling that insurance firm Travelers Indemnity Co., under the terms of a commercial general liability policy, must defend its client, Portal Healthcare Solutions, in a lawsuit stemming from a data breach.

Report: 14% of doctors keep patient data on cell phones, don't use password

Report: 14% of doctors keep patient data on cell phones, don't use password

By

A new report found 28 percent of doctors store patient data on their cell phones, and 80% of doctors use a mobile device as a tool to assist their daily practice.

Personal laptop, possibly containing data on 5M patients, stolen from HHS facility

Personal laptop, possibly containing data on 5M patients, stolen from HHS facility

By

A personal laptop and hard drives that may have contained data on close to 5 million medical patients was stolen from a Washington State federal building, prompting calls for the Department of Health and Human Services to reveal the extent of the damage.

Another Canadian hospital hit with ransomware attack, spreads TeslaCrypt

Another Canadian hospital hit with ransomware attack, spreads TeslaCrypt

By

Malwarebytes researchers spotted another ransomware attack against a Canadian hospital.

Researchers detect surge in Samsam ransomware that spreads via vulnerabilities

Researchers detect surge in Samsam ransomware that spreads via vulnerabilities

By

A ransomware campaign with an unusual method of propagation—infecting servers via unpatched vulnerabilities, then spreading laterally across the local network—experienced a marked spike in activity Monday, according to researchers at Talos.

Hospitals in Kentucky, SoCal become latest targets of hackers

Hospitals in Kentucky, SoCal become latest targets of hackers

By

The scourge of malware attacks against hospitals continued this week, including a ransomware assault targeting Henderson, Ky.-based Methodist Hospital and another possible ransomware incident at two Southern California facilities.

FTC, legislators call for improvements in health-care IT laws, including ransomware protection

FTC, legislators call for improvements in health-care IT laws, including ransomware protection

By

A federal hearing on standardizing and modernizing health information technology resulted in calls for new or revised legislation to fill in gaps in cybersecurity law.

House subcommittee questions VA CIO over security weaknesses

House subcommittee questions VA CIO over security weaknesses

By

The Department of Veterans Affairs CIO LaVerne Council was questioned by lawmakers Wednesday at a House Oversight subcommittee hearing.

Oncology clinic breached, patient data stolen

Oncology clinic breached, patient data stolen

By

21st Century Oncology was asked by the Federal Bureau of investigation to delay notification of patients that there information had been taken when a third-party gained unauthorized access to one of its databases.

Stolen laptop exposes PII of over 200K Premier Healthcare patients

By

Premier Healthcare, a Bloomington, Indiana-based healthcare provider, suffered a data breach when a thief stole a laptop containing patient information from the company's billing department.

Health care horror stories...and cures

By

The health care industry must step up when it comes to addressing its steady stream of IT security risks, says Illena Armstrong, VP, editorial, SC Magazine.

First, do no harm: Medical devices

First, do no harm: Medical devices

By

The growing value of medical data and the rise of IoT are testing health care's lagging infrastructure. Alan Earls reports.

RECENT COMMENTS

Sign up to our newsletters

FOLLOW US