Feds will weigh whether cyber best practices were followed when assessing HIPAA fines
Organizations that can show they did their due diligence in protecting medical information will be better off, should a breach occur.
Organizations that can show they did their due diligence in protecting medical information will be better off, should a breach occur.
The health care cybersecurity consulting firm has been working especially closely with hospitals in the last week to help them quickly respond to this new wave of attacks. CEO Caleb Barlow details the implications.
Organizations in the health care sector and beyond should be aware of potential copycat attacks, which could result in significant damage to reputation and subsequently the bottom line.
For many markets, changing the way companies evaluate the severity of risk could shift how they prioritize which bugs to stomp out in which order.
For medical facilities, and any entity that delivers critical services, the situation places security teams on high alert: ensure adequate training for the workforce and some means of network redundancy or else risk similar tragedy or even potential liability.
Long at the forefront of protecting sensitive information from cyberattacks, health care organizations had to pivot quickly to ensure as the COVID-19 pandemic imposed new threats on a vulnerable newly remote workforce. And adapt they did, even as bad actors exploited a fragile, fragmented infrastructure suddenly reliant on telehealth visits. The lessons learned from the…
Experts told SC Media that the auditing and reporting process is an important component of a health care organization’s data privacy strategy in order to catch violations, and that particular focus should be paid to “records that would be of high interest or curiosity.”
In part one of a two-part series, SC Media examines how businesses and institutions in poorer or underserved regions may be less equipped to fight off cyberattacks than their well-funded counterparts in affluent cities.
Strapped for cybersecurity resources, small and medium-size health care providers should outsource electronic medical record (EMR) maintenance, Payment Card Industry (PCI) compliance and threat intelligence gathering to third-party service providers, but risk assessment must still be handled internally, according to Mitchell Parker, CISO at Indiana University Health. Lamenting the recent scourge of ransomware and data…
Despite an increased toll on their computer systems amid Covid-19, healthcare organizations throughout the world generally are doing a good job of mitigating inbound attack attempts, according to a Vectra analysis of the first five months of 2020. The report cites a doubling of data exfiltration behaviors to external destinations in Europe, Middle East and…