Zero Trust

"Cyber criminals will use a time of crisis to cover some of their actions in a very opportunistic way. And so we try to track and match our operations and vigilance to that."

Covered entities and their cloud-service providers both have jobs to do when it comes to protecting hosted patient data – and have to strike a balance deciding who does what.

Intelligence agencies, security firms and Big Tech giants and all ringing alarm bells over the growing threat from cybercriminals in the wake of the global COVID-19 pandemic – with ransomware attacks, opportunistic phishing threats and other malicious activities all threatening healthcare organizations worldwide.

"Zero trust flips the security model: Instead of 'trust but verify,' organizations 'always verify but never trust,'" one security expert explains.

As state and federal legislation in the US and elsewhere tries to catch up with the digital health economy, the patient at the center of that economy might struggle to know just how private their data actually is.

"SweynTooth" impacts several microchip and medical device manufacturers, and could allow bad actors to wirelessly crash or access these products, according to the agency.

Cybersecurity experts warn healthcare organizations not to pay up for fear of more attacks, but some provider organizations had no choice last year.