Privacy & Security

Healthcare security stuck in Stone Age
By Erin McCann | 12:05 pm | April 22, 2014
Healthcare has a few things to do differently in the privacy and security arena -- one of them being: Start taking it seriously. This according to Verizon's annual breach report.
UPMC breach strikes 27,000 employees
By Bernie Monegain | 11:59 am | April 21, 2014
UPMC officials say the number of employees affected by a data breach at the renowned medical center is much higher than originally reported -- rising from 322 employees first disclosed on March 6, now up to 27,000 out of a total of 62,000 employees.
Why does healthcare resist encryption?
By Evan Schuman | 09:51 am | April 17, 2014
The most basic security truth in 2014 is that encryption done properly -- a high enough level of encryption, proper safeguarding of the encryption key -- is the best thing an IT department can do. Sill, many industries resist encryption, and healthcare is arguably the most strident.
Where will HIT security be in 3 years?
By Evan Schuman | 11:01 am | April 16, 2014
Security is a nightmare for all companies, but the very nature of healthcare makes it far worse. Are there ways to make security not merely viable, but even profitable?
Heartbleed 'top of food chain' for healthcare industry, says CISO
By Erin McCann | 12:02 pm | April 14, 2014
When it comes to security threat severity, the Heartbleed bug doesn't miss a beat. That's according to Phil Lerner, chief information security officer at Beth Israel Deaconess Medical Center, who, on a scale from 1 to 10, ranks the bug a solid "high priority" at 7.5.
Fourth HIPAA breach for Kaiser
By Erin McCann | 11:25 am | April 07, 2014
Some 5,100 Kaiser Permanente patients were sent HIPAA breach notification letters after a KP research computer was found to have been infected with malicious software. Officials say the computer was infected with the malware for more than two and a half years before being discovered Feb. 12.
Groups to pay $4M for privacy offense
By Erin McCann | 11:53 am | March 24, 2014
It's not only federal HIPAA privacy and security violations that may end up costing industry groups a pretty penny. There's also state privacy laws to heed. Case in point is what recently transpired at Stanford Hospital and Clinics.
3 tips to avoid BYOD breaches
By Diana Manos | 11:13 am | March 19, 2014
Without question, BYOD, or "bring your own device," offers benefits to both healthcare employees and employers. It also presents security issues. No matter who owns the device, hospitals are responsible for any data breaches that occur.
Hospital system fails mock cyberattack
By Erin McCann | 05:25 am | March 19, 2014
The 28-hospital Indian Health Service has failed a mock cyberattack conducted by HHS' Office of Inspector General after its computer network was discovered to have "high risk" vulnerabilities.
Identity crisis looms for US healthcare
By Anthony Brino | 07:45 am | March 18, 2014
While the U.S. continues digitizing its healthcare industry, a huge challenge is arising: not only securing those systems but verifying identities. With a steady stream of HIPAA-covered data breaches continuing over the past few years, some argue that current identity security approaches just aren't adequate.