Privacy & Security

Michelle Garvey Brennfleck
A healthcare attorney's tips for regulatory compliance readiness
By Andrea Fox | 12:55 pm | July 24, 2023
HIPAA covered entities should be proactive, requiring notification of any security incident – not just breaches – in their business agreements, says Michelle Garvey Brennfleck, healthcare corporate and regulatory shareholder at Buchanan Ingersoll & Rooney PC.
Patient logs into patient portal on laptop
FTC, OCR send warning letter to hospitals about online tracking pixels
By Andrea Fox | 11:25 am | July 21, 2023
The agencies contacted 130 health systems and telehealth providers by mail to emphasize the potential HIPAA risks of using Meta/Facebook pixel and Google Analytics tracking tools that may be "impermissibly disclosing" protected health information.
Steven Ramirez and Steve Cagle
Cybersecurity benefits from strategic partnerships
By HIMSS TV | 07:00 am | July 20, 2023
Steven Ramirez, CISO at Renown Health, and Steve Cagle, CEO at Clearwater, talk about the top cyber threats to healthcare and how vendors and providers – as evidenced by their long-term partnership – can work together for better risk management.
A 3D fiberoptic lock appears over a motherboard.
HC3 warns about AI's cybersecurity impacts
By Andrea Fox | 10:45 am | July 19, 2023
Threat actors are using artificial intelligence for both designing and executing attacks on hospitals and health systems. HC3 used ChatGPT to show how bad actors leverage generative AI to design spear-phishing emails and malware.
HCA Healthcare
HCA Healthcare sued for recent data breach
By Mike Miliard | 12:21 pm | July 18, 2023
Plaintiffs say the apparent theft of identity and other information announced this past week, which could impact as many as 11 million people, happened because the health system did not use "reasonable security procedures and practices."
Black and white image of two individuals fencing. One is jumping but the opponent finds the weak spot.
Warning: Cybercriminals have more weapons with AI
By Andrea Fox | 11:38 am | July 18, 2023
Artificial intelligence has changed the threat landscape, enabling new cybersecurity risks for health systems: more sophisticated social engineering, automated vulnerability intelligence gathering, endpoint detection evasion and more.
Image of network showing multiple medical devices or IoT inputs
Healthcare's edge computing priorities have changed
By Andrea Fox | 10:15 am | July 12, 2023
AT&T's annual industry insights report revealed a shift in focus from consumer virtual care in 2022 to richer budgeting for tele-emergency medical services. 
Abstract of a padlock
HCA Healthcare says data breach 'appears to be a theft'
By Mike Miliard | 11:21 am | July 11, 2023
The health system says the patient data, which was posted online, includes names, phone numbers and appointment information, but not clinical or payment info.
Cardiac patient talking to cardiologist on a telehealth call with monitor, medication and a sandwich on the table
CISA warns of Medtronic cardiac device security vulnerability
By Andrea Fox | 10:23 am | July 05, 2023
Medtronic has released an update for a cybersecurity vulnerability that an unauthorized user could exploit to steal, delete or modify cardiac device data or to gain network access.
NetSPI Chad Peterson interview_Wireframe tunnel photo DKosig/Getty Images
Pentesting as a key component for HIPAA compliance
By HIMSS TV | 07:00 am | July 03, 2023
An "unwritten requirement" can help healthcare organizations understand their environments and examine vulnerabilities to protect ePHI, says Chad Peterson, managing director at NetSPI.