Securing the health environment: Evolving cyberthreats demand shifts in strategy

news

How to solve the 'Goldilocks' dilemma of health data sharing?

Healthcare information is being more widely shared than ever, but how can that be balanced with the need for robust privacy protections? At Health 2.0, two experts will frame the issue.

By Mike Miliard | August 29, 2019

news

Confusing laws, bad actors among the challenges facing healthcare data safety and patient privacy

The legal and technological picture surrounding data is a muddy one, and the healthcare industry is scrambling to keep up.

By Jeff Lagasse | August 28, 2019

news

Biohacking connected devices: What IT leaders need to know about the ‘Internet of Humans’

A cybersecurity expert offers a comprehensive and in-depth look into an emerging area of healthcare security, and offers tips for healthcare execs on what they can do and where they can look for answers.

By Bill Siwicki | August 28, 2019

news

Imprivata, Vocera collaborate on mobile device authentication

The companies are combining Imprivata's Mobile Device Access technology with the Vocera Collaboration Suite, which can offer faster and more authentication across workstations, virtual desktops and mobile devices.

By Mike Miliard | August 28, 2019

news

Presbyterian Healthcare phishing scam hits 183K patient records

Data accessed during the breach may have included patient and health plan member names as well as dates of birth, Social Security numbers and some clinical information.

By Nathan Eddy | August 28, 2019

blog

Opinion: What leaders know about cybersecurity

Leaders know that the IT department alone cannot secure an organisation, and that the easiest path to breach the best technical defenses is through their people, writes Rod Piechowski, VP of thought advisory for HIMSS.

By Rod Piechowski | August 28, 2019

news

CISO security tips for managing hybrid cloud deployments

The complexities of securing a hybrid cloud environment are not to be underestimated as more health systems contend with vendor implementations of all shapes and sizes. One prominent CISO offers tips and best practices.

By Mike Miliard | August 22, 2019

news

Hospitals are demanding secure medical devices before they buy

The IoT: "Every something that comes on the market is in essence its own small computer with an ability to find its way into something."

By Susan Morse | August 22, 2019

news

Hospitals need to know: When disaster strikes, FEMA money is available to those that file quickly

Hospitals often don't file for the funds because they're unaware of what can be reimbursed and there is only a 30-day window to apply.

By Susan Morse | August 21, 2019

news

Cybersecurity: The enemy is already inside the gate

A number one recommendation is to know all of the touch points for data: how it comes in, how it's used, where it's stored and how it goes out.

By Susan Morse | August 21, 2019

news

Close to one-third of healthcare employees have never received cybersecurity training, report shows

There is an apparent lack of awareness of federal regulations in both the U.S. and Canada to keep patient information secure.

By Jeff Lagasse | August 20, 2019

news

Healthcare organizations must lock down identities and access to PHI

An identity and access management expert illustrates this critical area of information security and offers tips on how to best control who is accessing protected health information.

By Bill Siwicki | August 20, 2019

blog

Ransomware and medical devices: How behavior analytics can protect patients

Medical devices must be managed from a security perspective, but also from an operational perspective. Using analytics to establish behavior baselines helps support risk assessments, find malfunctions and enhance staff productivity.

By William Scandrett | August 16, 2019

news

Critical security tips for provider CIOs using public clouds

Two healthcare CIOs and one deputy CISO offer their expert advice to their peers, explaining how to ensure security is wrapped up tight when working with public clouds.

By Bill Siwicki | August 16, 2019

news

Intraprise Health BluePrint Protect can help detect, manage security risks

BluePrint's visualization software coalesces security program data from disparate sources into a central "source of truth" founded on the company's workflow automation and rules engine.

By Nathan Eddy | August 14, 2019

news

How healthcare CIOs and CISOs can handle identity and access management

An expert in the strategies and technologies surrounding identity and access management walks through today’s challenges and discusses how provider organizations can best secure this key area.

By Bill Siwicki | August 14, 2019

news

Healthcare cybersecurity market poised for growth

The rapid adoption of digital technologies is considered beneficial to providers, but it can lead to cybersecurity gaps.

By Jeff Lagasse | August 14, 2019

news

Imprivata, Microsoft unveil new cloud identity and access management tool

Imprivata Identity Governance extends Microsoft’s IAM technology with role-based access controls, streamlined auditing processes and more.

By Mike Miliard | August 13, 2019

news

Medical devices pose cybersecurity and patient threat

Security breaches can happen outside of the four walls of a hospital.

By Susan Morse | August 9, 2019

news

How to find and keep top cybersecurity professionals

The Healthcare and Public Health Sector Coordinating Council has developed a guide to building a robust cybersecurity workforce, offering four suggestions for developing skills.

By Mike Miliard | August 9, 2019

news

How provider organizations can protect against credential stuffing and data scraping

With protected health information such a juicy target for cybercriminals, both data theft techniques are on the rise in healthcare.

By Bill Siwicki | August 8, 2019

news

EHNAC launches new advisory business for privacy & security compliance

The new service from the standards development group will help healthcare clients optimize risk assessments, spot and fix compliance gaps, and manage third-party assurance needs, the standards group says.

By Mike Miliard | August 6, 2019

news

California earthquakes highlight need to make evacuation decisions quickly

Ridgecrest Regional spent $72 million on a building that withstood an earthquake, but broken water pipes forced an evacuation anyway.

By Susan Morse | August 5, 2019

news

As new cyber risks emerge, strategies evolving – but basic principles still apply

BlueKeep? Dridex? A state of emergency in Louisiana? Healthcare security pros find themselves living in interesting times. But with new threats emerging each day – and old ones, like phishing, not going away – some tried and true lessons are still useful.

By Mike Miliard | August 2, 2019

news

Healthcare's number one financial issue is cybersecurity

The cost of a healthcare breach is about $408 per patient record and that doesn't include the loss of business, productivity and reputation.

By Susan Morse | July 30, 2019

news

FTC's $5 billion penalty for Facebook security lapses includes new health privacy restrictions

The fine is the largest ever imposed on any company for violating consumers' privacy, according to the FTC.

By Jeff Lagasse | July 30, 2019

news

Hospitals are paying for not vetting their vendors

More than half of hospitals say they've had one or more data breaches caused by third-party vendors in the past two years, with an average cost of $2.9 million per incident – but too many are still failing to do adequate risk assessments.

By Benjamin Harris | July 11, 2019

news

Security concerns, budget restrictions hamper move to cloud

Even as the number of organizations ready to adopt a cloud-based approach is rising, nearly a fifth of healthcare orgs surveyed said they'd consider moving their data from the cloud back on premises.

By Nathan Eddy | July 10, 2019

news

Security, control of data seen as key barriers to cloud adoption by pharma

There's continued resistance from many pharmaceutical industry executives, who think it's never possible to safely store sensitive data in the cloud.

By Nathan Eddy | July 8, 2019

news

Further investment needed to defend NHS against growing cyber threats, researchers warn

A team from the Institute of Global Health Innovation at Imperial College London published a paper on NHS cybersecurity this week.

By Leontina Postelnicu | July 4, 2019

news

Large health systems better prepared on security, says CHIME Report

While most orgs surveyed said they have network access solutions to monitor devices connected to the network, fewer than half of small providers use network segmentation to control the spread of infections.

By Nathan Eddy | June 28, 2019

news

Despite big security risks, healthcare leaders say they're sure of their preparedness

Even as they often rely on outmoded data management processes, 70% of execs and IT leaders say they're 'very' or 'extremely' confident of their infosec strategies.

By Nathan Eddy | June 19, 2019

news

Healthcare executives lack action plan to combat cybersecurity threats

The C-suite recognizes these threats, but 54% of respondents to a new survey said the biggest barrier to meeting privacy and security challenges was lack of adequate resources.

By Nathan Eddy | June 14, 2019

news

CISOs report cyberattacks on the rise in healthcare

According to a new study by Carbon Black, two thirds of surveyed healthcare organizations said cyberattacks have become more sophisticated over the past year.

By Nathan Eddy | June 10, 2019

news

As cybersecurity threats change, so must hospitals

A new assessment of cybersecurity threats highlights consumers’ growing role and predicts things will get worse before they get better.

By Benjamin Harris | June 7, 2019

news

IoT risk assessment means all hands on deck

The wide array of connected devices means "lot of different stakeholders that need to coordinate," on both the clinical and IT side. That requires "process and due diligence."

By Benjamin Harris | May 30, 2019

news

Health data security exposures doubled in one year, report says

Research from Digital Shadows found imaging files particularly vulnerable.

By Nathan Eddy | May 30, 2019

news

Key first steps for securing unruly connected devices

You can't secure a network that you don't understand. Mapping hospital IoT is a must-do process for the creation of an effective defense strategy, experts say.

By Benjamin Harris | May 29, 2019

news

Cybersecurity is a team sport, and information sharing is key

Healthcare systems need to collaborate on defense and rely on AI and machine learning to respond to new threats, study finds.

By Benjamin Harris | May 17, 2019

news

Intermountain CISO West: Cybersecurity for revenue cycle should be a KPI

The revenue cycle is an important target for cybercriminals because of the information that flows through it.

By Beth Jones Sanborn | February 11, 2019

news

CMS responds to data breach affecting 75,000 in federal ACA portal

Open enrollment, which begins November 1, will not be negatively impacted, CMS says.

By Susan Morse | October 22, 2018

news

Can't afford a security chief? Here are the alternatives

Hospitals and medical groups with limited security resources still have leadership options in managed care providers and virtual CISOs.

By Susan Morse | October 22, 2018

news

Anthem pays $16 million in record HIPAA settlement for data breach

Anthem is being held responsible for cyber attacks that stole the protected health information of close to 79 million people.

By Susan Morse | October 16, 2018

news

Aetna to pay $640,000 civil fine, on top of $17 million, to settle envelope breach

The settlement with New Jersey resolves two separate privacy breaches regarding members HIV/AIDS status and those with AFib.

By Susan Morse | October 15, 2018

news

Hurricane Florence: Lessons from hospitals that survived recent natural disasters

Here are some of the things hospitals should be working to put in place and resources available during storm season.

By Beth Jones Sanborn | September 13, 2018

news

Do your CEO and CFO underinvest in cybersecurity? Here's why and what to do about it

Executives and board members aren't cybersecurity experts so putting it in terms they can digest is crucial -- and that takes "real-life resonance."

By Beth Jones Sanborn | January 15, 2019

Securing the health environment: Evolving cyberthreats demand shifts in strategy

OTHER SPECIAL PROJECTS

Digital Maturity Forum

WHX Tech