The planned merging of two health data exchange standards organizations - DirectTrust and the Electronic Healthcare Network Accreditation Commission - will help support healthcare sector efforts to advance secure health data exchange, says Scott Stuewe, CEO of DirectTrust.
A federal judge has denied granting a preliminary injunction against Meta to stop the firm's Pixel tracking code in healthcare websites from collecting and disseminating patient information for advertising. But the judge says he could change his mind as more details about patient privacy emerge.
A resurrected proposal to enhance medical device security is nestled within the 4,155-page, $1.7 trillion omnibus spending bill that the Senate passed Thursday and sent to the House for approval. Medical device makers would be required to meet cybersecurity standards and disclose vulnerabilities.
In this episode of "Cybersecurity Unplugged," Joe Weiss, managing partner at Applied Control Systems, offers suggestions for how to harden our OT networks today, including what CISOs need to know and how guidance from the federal government needs to change.
As major cyber incidents involving vendors surge, healthcare entities must carefully and continuously scrutinize the security practices of their third-party vendors, says Kathy Hughes, CISO of Northwell Health.
Europe took a key step in formalizing a framework to underpin the trans-Atlantic flow of commercial data but privacy activists say the EU-U.S. agreement won't stand up to a legal challenge. The Commission on Dec. 13 issued a draft adequacy decision on the EU-U.S. Data Privacy Framework.
An Oklahoma-based provider of administrative and technology services to healthcare organizations is notifying more than 271,000 individuals that their personal information may have been compromised in a hacking incident involving a third-party data storage vendor.
Chinese hackers are exploiting known vulnerabilities in a Citrix networking appliance and virtual private network. The products, Citrix ADC and Gateway, are popular in the healthcare sector. Left unpatched, attackers may execute ransomware attacks or steal intellectual property.
To avoid having to even consider paying a ransom, experts have long urged all organizations to put in place appropriate defenses. Two defensive strategies for healthcare firms are moving backup and recovery to the cloud and practicing incident response scenarios.
More than a quarter million Medicare beneficiaries will be issued new Medicare cards and identifiers following a ransomware attack on a government contractor compromising a range of sensitive personal and health information.
A Florida primary care practice will pay a $20,000 financial penalty and implement a corrective action plan to settle a HIPAA right of patient access dispute. The case is the 42nd such dispute resolved by the Department of Health and Human Services since April 2019.
A ransomware attack knocking out a medical center's imaging and lab equipment is an incident felt by an entire network of healthcare providers. Entities everywhere should plan for outages even when they don't directly experience an attack, say Aftin Ross of the FDA and Penny Chase of MITRE.
Ransomware operations have become expert at finding ways to make a victim pay. But experts say there are multiple steps healthcare sector entities in particular can take to better protect themselves and ensure that they can quickly restore systems and never have to consider paying a ransom.
When healthcare organizations come together through mergers or acquisitions, it is critical for the entities to carefully assess the cyber risk each poses, as well as its level of cyber maturity, says Jigar Kadakia, CISO and chief privacy officer at Boston-based Mass General Brigham.
U.S. federal authorities are warning healthcare providers, vendors and public health sector organizations of attacks involving LockBit 3.0 ransomware, which includes features of other ransomware variants, including BlackMatter, along with the threat of triple-extortion demands.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.