Health Care

Health orgs asking third party associates to get CSF certification

By

Recognizing the increased risk of breach from the interconnectedness of healthcare systems, some healthcare organizations will require third parties to obtain CSF certification.

Reports tie together Anthem and OPM data breaches

By

Evidence seems to indicate that the Anthem data breach and OPM data breaches were carried out by the same Chinese actors.

Medical Information Engineering's network breached; undisclosed number of patients compromised

By

The personal health information, including Social Security numbers and medical conditions, might have been compromised in a cyber attack in May on Medical Information Engineering.

Researcher who found Hospira drug pump flaws says more models are vulnerable

Researcher who found Hospira drug pump flaws says more models are vulnerable

By

Security researcher Billy Rios has verified that more Hospira infusion pumps are vulnerable to the same security issues, since they use "identical software."

Researchers publish developer guidance for medical device security

Researchers publish developer guidance for medical device security

By

The guidance is organized into 10 categories, and serves as "starting point for a more complete code," report authors said.

Three MetroHealth computers infected with malware, patients notified

By

The Ohio-based health care provider is notifying nearly 1,000 patients that three computers in its Cardiac Cath Lab were infected with malware.

DHS adds more bug disclosures to Hospira drug pump alert, FDA joins call

DHS adds more bug disclosures to Hospira drug pump alert, FDA joins call

By

ICS-CERT is now aware of more vulnerabilities impacting Hospira infusion pumps.

Study: Root cause of health care breaches shifts to criminal attacks

Study: Root cause of health care breaches shifts to criminal attacks

By

An annual health care study found that criminal attacks replaced device theft and loss as the leading cause of breaches.

ICS-CERT issues advisory on Hospira infusion pump flaws

ICS-CERT issues advisory on Hospira infusion pump flaws

By

An independent researcher identified the improper authorization vulnerability and insufficient verification of data authenticity flaw.

Sign on the digital line: Case study

Sign on the digital line: Case study

By

Biopharma companies need a secure digital signing infrastructure. SureClinical found an answer for them, reports Greg Masters.

In latest filing, LabMD claims lack of due process, prejudice taint FTC case

In latest filing, LabMD claims lack of due process, prejudice taint FTC case

By

The Atlanta-based medical testing lab has, again, filed to have FTC's complaint dismissed.

Hospitals testing AC monitoring platform to spot malware in medical devices

By

Two unnamed hospitals have signed on to test the WhatsAppDoc platform developed to detect malware in outdated medical devices by monitoring AC consumption.

In growing market for genetic data, privacy implications prove lasting

In growing market for genetic data, privacy implications prove lasting

By

Experts consider the lasting impact of data brokers, and potential breaches, on genetic information.

Researchers investigate link between Axiom spy group, Anthem breach

Researchers investigate link between Axiom spy group, Anthem breach

By

Anthem breach investigators initially claimed that tools, linked exclusively to Chinese espionage attackers, were used against the health insurer.

Up to 18.8 million non-Anthem members possibly affected in breach

By

Of the approximate 78.8 million people whose information was accessed by hackers earlier this month, anywhere from 8.8 to 18.8 million of those affected include non-members.

Think you should just be worried about fines? Think again. And think like an attacker.

Think you should just be worried about fines? Think again. And think like an attacker.

When it comes to healthcare security, if you think compliance is the only thing you need to worry about, think again.

Report: Anthem may have up to $200M in cyber insurance

By

A unit of AIG Inc. is the primary cyber insurer for Anthem, according to a recent report in Business Insurance.

Lawsuits filed against Anthem, phishing scams abound

Lawsuits filed against Anthem, phishing scams abound

By

Plaintiffs in California, Georgia, Indiana and Alabama have filed suits and Anthem warned customers to brace for more phishing scams.

Community debates encryption's value in Anthem incident

Community debates encryption's value in Anthem incident

By

Experts argue that encryption is not the key piece in the Anthem breach if the incident involved a targeted attack on admin credentials.

Exclusive: Mandiant speaks on Anthem attack, custom backdoors used

Exclusive: Mandiant speaks on Anthem attack, custom backdoors used

By

Mandiant was brought on site Tuesday, after Anthem started their own internal investigation.

Skills in demand: Information security analysts - health care

Skills in demand: Information security analysts - health care

The amount of information stored in our medical records creates a ripe environment for security breaches. The health care sector is in search of information security analysts.

Eleventh Circuit dismisses LabMD motion questioning FTC authority

By

LabMD can challenge the FTC's enforcement authority in federal court once the agency comes to a final decision on the exposure of patient data.

HITRUST, Deloitte slate cyber town halls for health care orgs

By

The HITRUST Alliance and Deloitte will coordinate cyber town hall meetings in major U.S. cities.

HITRUST forms working group for medical device, health system security

By

The mission of the working group will be to enhance health information technology (HIT) security.

NJ law requires health insurance carriers to encrypt sensitive data

By

New Jersey Governor Chris Christie signed the legislation last Friday.

HITRUST adds privacy controls to Common Security Framework

By

The privacy controls will be added to version 7 of HITRUST's CSF due out later this month.

Landmark HIPAA settlement confirms push to firm up patching schedules

Landmark HIPAA settlement confirms push to firm up patching schedules

By

Anchorage Community Mental Health Services (ACMHS) must pay $150,000 and integrate an action plan to meet HIPAA compliance.

Health billing co., former CEO settle with FTC over data collection

By

PaymentsMD and its former CEO will have to destroy all information collected related to its Patient Health Report service.

Healthcare sector's broad data sets will attract increased attacks in 2015

Healthcare sector's broad data sets will attract increased attacks in 2015

By

A number of Websense threat predictions point back to the vulnerable healthcare industry as a major target for cybercriminals.

Study: 68 percent of healthcare breaches caused by loss or theft of devices, files

Study: 68 percent of healthcare breaches caused by loss or theft of devices, files

By

Security firm Bitglass analyzed three years worth of HHS breach records for its report.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US