A Georgia-based orthopedic clinic has confirmed it's one of the victims of cyberattacks by "The Dark Overlord" hacker who recently posted for sale copies of stolen databases he says contain millions of records. But the clinic is tight-lipped about whether it was a victim of extortion.
Evolving criminal and unscrupulous internal threats to healthcare
data networks continue to plant seeds of fear and uncertainty
in the minds of healthcare IT professionals. Those fears are wellfounded;
a recent Information Week survey found that 91 percent
of small healthcare practices in North America say they...
Breach fallout continues to mount in the aftermath of a cyberattack on cloud-based electronic health records vendor Bizmatics, which apparently affected hundreds of thousands of patients. The saga highlights important security lessons for covered entities when it comes to dealing with business associates.
HIPAA has long provided patients with the right to access their own "designated record set" of protected health information. But federal regulators are on a campaign to help patients and healthcare organizations understand records access rights, as well as the related privacy risks.
Federal regulators have released a new framework of data security principles to guide healthcare entities and researchers participating in the Obama administration's Precision Medicine Initiative. But is it enough to safeguard sensitive patient data?
In an interview, Farah Magrabi, associate professor of health informatics at Macquarie University in Sydney, sizes up the status of health data security in Australia and highlights key concerns.
After Kansas Heart Hospital suffered a ransomware infection and paid the demanded ransom, its attackers demanded more. At that point, the hospital reportedly declined to comply, relying instead on its pre-prepared backup and recovery plan.
Organizations chosen for remote "desk audits" of their HIPAA compliance, which will begin this summer, need to be prepared to quickly provide supporting documentation, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains this in-depth audio interview.
Proposed new federal regulations would end the HITECH Act electronic health records "meaningful use" incentive program for physicians treating Medicare patients and replace it with a simplified program as part of a sweeping payment revamp. What impact would the Medicare change have on data security requirements?
A jury's decision to award $940 million in damages to electronic health records software vendor Epic Systems, which had sued India's Tata Consultancy Services alleging theft of trade secrets, serves up lessons about the importance of restricting access to all sensitive data, including intellectual property.
Federal regulators have still not developed a plan for curbing billing fraud enabled by the cut-and-paste function in electronic health records, as was recommended in a 2013 watchdog agency report.
DirectTrust is beta testing a new version of its Direct protocol for secure email messaging that can support secure texting and "chats" involving health information on mobile devices, says David Kibbe, M.D., the association's president and CEO.
Lucia Savage, chief privacy officer at ONC, explains how a new "interoperability pledge" taken by dozens of large electronic health record vendors and healthcare organizations will advance secure health data exchange as well as help patients to securely share their own health information.
In an in-depth interview, CIO Ed Ricks of Beaufort Memorial Hospital in South Carolina offers insights on how the community hospital, with limited resources, is tackling breach prevention and detection. He'll be a featured speaker at the HIMSS 2016 Conference.
Multiple hospitals from Hollywood to Germany have been hit recently by ransomware attacks. It's a reminder that no organization is immune to outbreaks of malware that's designed to forcibly encrypt all data stored on PCs and servers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.