Privacy & Security

Newkirk Products, which provides ID cards for health insurance plans, reported an unauthorized access to a server containing member information.

OCR found the Illinois-based health system failed to conduct a thorough risk assessment and limit physical access to electronic health systems, among other infractions.

The analyst firm recommended that all technology vendors serving the hospital market have to recognize the evolving threat landscape their customers face and innovate accordingly.

Individuals’ data may have been compromised by hackers that cracked in via food and beverage payment systems and infiltrated patient healthcare data.

The clinic traced the breach of nearly 400,000 thousand records to an external cyberattack against its EHR in which the hackers gained access to personal information by using third-party credentials. 

After detonating various strains of ransomware in its lab, security specialist Exabeam learned that because encrypting large data-sets takes time, hospitals hit with ransomware can stop it, if they act quickly.  

A Ukrainian hacker claimed the attack on Twitter, including a screenshot of patient names, addresses, dates of birth and diagnoses.

The new collaboration seeks to end ransomware through education and decryption tools.

The Office of the National Coordinator for Health IT opened two grants for building an Information Sharing and Analysis Organization designed to serve public health entities. 

ProPublica published some 300 letters that Health and Human Services Office for Civil Rights sent to healthcare providers reminding them of legal obligations, advising how to fix problems and suggesting they make voluntary changes.