Health Care

Employees mishandle data, violate HIPAA in Washington State Medicaid breach

By

The Washington State Health Care Authority (HCA) announced yesterday that employees at two state agencies committed a HIPAA violation by improperly exchanging private data pertaining to its Apple Health Medicaid clients.

Missing drives contained PHI on 950K Centene customers

By

During an inventory of its IT assets, health insurer Centene discovered that six hard drives containing personal and health information on 950,000 customers had gone missing.

Flint hospital hit with cyber attack after Anonymous threatens action

Flint hospital hit with cyber attack after Anonymous threatens action

By

Hurley Medical Center in Flint, Mich. was hit by a cyber attack Thursday after Anonymous threatened to take action over for the city's water crisis.

Henry Schein to pay $250K to FTC for misleading encryption claims

Henry Schein to pay $250K to FTC for misleading encryption claims

By

The Henry Schein Practice Solutions, Inc. agreed to pay a $250,000 fine to the FTC for falsely advertising the level of encryption it used to safeguard patient data.

Asbestos bill would expose victims' personal data, medical histories

Asbestos bill would expose victims' personal data, medical histories

By

Privacy and public interest organizations are petitioning against a bill that attempts to prevent fraud in asbestos lawsuits.

USB ports pose hidden risk for medical facilities

USB ports pose hidden risk for medical facilities

By

When visiting a medical facility, it can be tempting to charge a mobile device into a spare USB port, but the free charge may contain an unpleasant after-effect.

HHS, HITRUST, Deloitte 'attack' healthcare orgs to test cyber preparedness

HHS, HITRUST, Deloitte 'attack' healthcare orgs to test cyber preparedness

By

Mock attacks on 12 healthcare organizations to tested the organizations' capabilities in responding to cyber incidents.

North Carolina DHHS reports second email incident in two months

By

The North Caroline DHHS has announced a second email incident that affected more than 500 patients.

Health and Human Services CIO will be stepping down

Health and Human Services CIO will be stepping down

By

HHS CIO Frank Baitman is stepping down from his post at the end of the month.

Three-quarters of industry pros say a breach caused by an IoT device is likely

Three-quarters of industry pros say a breach caused by an IoT device is likely

By

A new report found that nearly three-quarters of industry professionals believe there is a medium or high likelihood of their organization being hacked as a result of the interconnectivity of Internet of Things.

Equipment containing patient data stolen from Illinois orthopedic provider

By

A laptop and EMG machine containing personal information were stolen from a Barrington Orthopedic Specialists transport vehicle.

Thousands of medical systems found vulnerable to attack

Thousands of medical systems found vulnerable to attack

By

Researchers presented findings at Derbycon this past weekend that indicated vulnerabilities in thousands of medical systems.

Members of NJ health insurer had data accessed, used in fraud scheme

By

Several individuals posed as health care professionals and used member information to submit false claims to Horizon Blue Cross Blue Shield of NJ.

London clinic leaks HIV status of 780 patients in newsletter

London clinic leaks HIV status of 780 patients in newsletter

By

A London sexual health clinic accidentally leaked the HIV status, names, and email addresses of 780 patients in a newsletter.

American Airlines denies hack, but reinforces security efforts

American Airlines denies hack, but reinforces security efforts

By

American Airlines denied involvement in an apparent security incident at its one-time subsidiary Sabre, but is redoubling its own security measures as a precaution.

UCLA target of class-action suit after breach

By

A lawsuit filed in a federal court in California accused UCLA Health System of not adequately protecting the personal data of 4.5 million individuals affected by a 2014 breach.

UPMC Health Plan compromises personal data of 722 patients

By

University of Pittsburgh Medical Center (UPMC) Health Plan announced its third breach in two years, information of 722 patients compromised.

Health orgs asking third party associates to get CSF certification

By

Recognizing the increased risk of breach from the interconnectedness of healthcare systems, some healthcare organizations will require third parties to obtain CSF certification.

Reports tie together Anthem and OPM data breaches

By

Evidence seems to indicate that the Anthem data breach and OPM data breaches were carried out by the same Chinese actors.

Medical Information Engineering's network breached; undisclosed number of patients compromised

By

The personal health information, including Social Security numbers and medical conditions, might have been compromised in a cyber attack in May on Medical Information Engineering.

Researcher who found Hospira drug pump flaws says more models are vulnerable

Researcher who found Hospira drug pump flaws says more models are vulnerable

By

Security researcher Billy Rios has verified that more Hospira infusion pumps are vulnerable to the same security issues, since they use "identical software."

Researchers publish developer guidance for medical device security

Researchers publish developer guidance for medical device security

By

The guidance is organized into 10 categories, and serves as "starting point for a more complete code," report authors said.

Three MetroHealth computers infected with malware, patients notified

By

The Ohio-based health care provider is notifying nearly 1,000 patients that three computers in its Cardiac Cath Lab were infected with malware.

DHS adds more bug disclosures to Hospira drug pump alert, FDA joins call

DHS adds more bug disclosures to Hospira drug pump alert, FDA joins call

By

ICS-CERT is now aware of more vulnerabilities impacting Hospira infusion pumps.

Study: Root cause of health care breaches shifts to criminal attacks

Study: Root cause of health care breaches shifts to criminal attacks

By

An annual health care study found that criminal attacks replaced device theft and loss as the leading cause of breaches.

ICS-CERT issues advisory on Hospira infusion pump flaws

ICS-CERT issues advisory on Hospira infusion pump flaws

By

An independent researcher identified the improper authorization vulnerability and insufficient verification of data authenticity flaw.

Sign on the digital line: Case study

Sign on the digital line: Case study

By

Biopharma companies need a secure digital signing infrastructure. SureClinical found an answer for them, reports Greg Masters.

In latest filing, LabMD claims lack of due process, prejudice taint FTC case

In latest filing, LabMD claims lack of due process, prejudice taint FTC case

By

The Atlanta-based medical testing lab has, again, filed to have FTC's complaint dismissed.

Hospitals testing AC monitoring platform to spot malware in medical devices

By

Two unnamed hospitals have signed on to test the WhatsAppDoc platform developed to detect malware in outdated medical devices by monitoring AC consumption.

In growing market for genetic data, privacy implications prove lasting

In growing market for genetic data, privacy implications prove lasting

By

Experts consider the lasting impact of data brokers, and potential breaches, on genetic information.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US