Phishing incidents have had a big impact on members of Albuquerque, New Mexico-based Presbyterian Health Plan in recent weeks. Two separate, apparently unrelated, attacks potentially exposed a wealth of information on plan members.
New draft guidance from the National Institute of Standards and Technology aims to help healthcare organizations improve the security of picture archiving and communications systems, or PACS.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
The Department of Health and Human Services has issued proposed changes to privacy rules related to the sharing of patient records created by federally assisted substance use disorder treatment programs. Do the proposals go too far, or not far enough?
Chinese advanced persistent threat groups are targeting cancer research organizations across the globe with the goal of stealing their work and using it to help the country address growing cancer rates among its population, according to researchers at cybersecurity company FireEye.
As the healthcare industry undergoes its own digital transformation, security is more important than ever. Okta's Nick Fisher says a zero trust model can keep hospitals and patients healthy when it comes to protecting their data.
Inspira Health has taken several key vendor risk management steps to help ensure patient data is protected, says CIO Tom Pacek, who describes the effort in this interview.
When we look at many of the biggest healthcare data breaches reported so far this summer, two big culprits pop out: ransomware attacks and vendor mishaps. What other trends will emerge?
The American Medical Collection Agency breach continues to grow messier, with more companies being added to the victim count. Here's the very latest tally.
A new professional credential aims to help healthcare organizations bolster their security leadership bench strength, says William Brad Marsh, co-chair of a committee that developed the certification.
The National Association of Attorneys General is urging Congress to drop the "cumbersome, out-of-date privacy rules" contained in federal regulations on substance abuse and instead apply the "effective and more familiar" HIPAA Privacy Rule to help address the opioid crisis by easing the sharing of data.
DirectTrust, - known for creating and maintaining the Direct protocol and trust framework for secure email in healthcare - has kicked off a new initiative to develop industry standards for secure real-time instant messaging. What are the potential benefits?
The sentencing of a former worker at a substance abuse treatment provider in connection with a Medicaid fraud conspiracy "is an important reminder about the threats from insiders," one privacy attorney says.
Enumerating medical devices, identifying where the security risks lie and then implementing a multilayered defense plan to mitigate risks should be top priorities for healthcare organizations, says thought leader John Halamka, M.D., executive director for technology exploration at Beth Israel Lahey Health.
Authentication vulnerabilities in certain GE Healthcare anesthesia devices could potentially allow remote attackers to meddle with the devices, researchers say. GE disputes some of the findings. Find out what other security experts have to say.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
