Posts in Category: encryption

Healthcare providers tackle data security issues 

The proliferation of cyberattacks on healthcare providers is well known, with new reports continuing to highlight the problem.

More than 216 hospitals were included in 1,798 breaches between Oct. 21, 2009 and Dec. 31, 2016, according to a report last week in The Journal of the American Medical Association. Additionally, 33 hospitals, or 15 percent, reported more than one breach. Of the 141 affected acute care hospitals, 52 were major academic medical centers.

Also, about 20,000 patients were affected in 24 of the 216 breached hospitals, and six hospitals had over 60,000 breached patient records.

Another recent report found that ransomware attacks more than quadrupled in 2016, with nearly half happening in the healthcare sector. These types of attacks are projected to double again in 2017, Beazley Breach Insights reported.

Some efforts are underway to form a coordinated response to this problem.

At a hearing last week to address cyberattacks in the healthcare industry, the House Energy and Commerce Subcommittee on Oversight and Investigations, Terry Rice, VP of IT risk management and CISO at Merck, indicated cybersecurity has become a top concern for healthcare organizations.

While hundreds of millions of health records have been compromised in data breaches in recent years, the extent of the problem may be inadequately reported. “Unfortunately, I believe these incidents underrepresent the risks we are facing as an industry,” Rice said.

To fight cyberattacks, Congress should provide organizations tax breaks for Information Sharing and Analysis Centers, educate the industry on the importance of information sharing, protect data shared through ISACs and advocate for public-private partnerships, Denise Anderson, president of the National Health Information Sharing and Analysis Center told the lawmakers.

“It’s become increasingly apparent that the industry needs a government representative who understands cybersecurity issues, threats, vulnerabilities and impacts, as well as the blended threats between physical and cybersecurity,” said Anderson.

At LUMDEX, privacy, security and of course HIPAA-compliance are the essence of our software solutions. We invite you to read our Privacy and Security Policy, our Editorial and Advertising Policy, and our Terms and Conditions of Use. Feel free to browse throughout LUMEDX.com, and please read our Mission Statement in the "About Us" section of LUMEDX.com.

Latest Healthcare Cyberattack Highlights Need for Prevention 

How would you like to have to tell 34,000 patients that their data had been hacked? That’s the situation that Quest Diagnostics found itself in recently after hackers stole health information including names, birth dates, telephone numbers and lab results.

The clinical laboratory services company is just the latest victim in a long string of cyberattacks targeting protected health information. One in 13 patients stand to have their records stolen because of a healthcare provider breach, according to Accenture, an industry consulting firm. Healthcare organizations that have been the recent target of cybercriminals include:
Hollywood Presbyterian Medical Center, which paid a $17,000 ransom in bitcoin to regain control of its computer systems after a hack.
Anthem Inc., the second-largest U.S. health insurer, which had the records of nearly 80 million customers stolen.
MedStar Health, where hackers encrypted data from 10 hospitals, causing widespread confusion and delays in treatment because providers were unable to access records.
What can healthcare providers do to protect against such cyberattacks? We’ve collected a number of articles offering advice.
Tips for protecting hospitals from ransomware as cyberattacks surge
Hospitals Battle Data Breaches With a Cybersecurity SOS
Protecting a vulnerable industry against cyber attacks
5 Ways Providers Can Prevent Patient Data Breaches

What is your organization doing to protect itself from hackers? Share your strategies in our comments section below.

Healthcare Cybersecurity Failings Draw the Ire of Accountability Office 

GAO Recommends Corrective Action by Department of Health and Human Services

More than 113 million electronic health records were breached in 2015, a year that saw a total of 56 cybersecurity attacks in healthcare alone. That's a 13-fold increase from 2006 to 2015.
The Government Accountability Office isn't going to let those cybersecurity failures go unremarked upon. The GAO last week came down hard on the Department of Health and Human Services, pointing out a number of weaknesses in efforts by HHS to help health plans and other providers protect data.
"HHS has established an oversight program for compliance with privacy and security regulations, but its actions did not always fully verify that the regulations were implemented," wrote the GAO in a report released Sept. 26. The report also called out HHS for giving technical assistance "that was not pertinent to identified problems" in cybersecurity, and for failing to follow up on cases it investigated. 
In short, the GAO found, loss or misuse of health information is not being adequately addressed by HHS. To help healthcare organizations comply with HIPAA and prevent further data breaches, the Office said, HHS should take the following corrective actions:

  • Update its guidance for protecting electronic health information to address key security elements.
  • Improve technical assistance it provides to covered entities.
  • Follow up on corrective actions.
  • Establish metrics for gauging the effectiveness of its audit program. 

HHS generally concurred with the recommendations and stated it would take actions to implement them.

UPDATE: On Oct. 4, HHS announced that it had awarded funding to help protect the health sector against cyber threats. Learn who received the funding, and how it is intended to help healthcare organizations.

The Best of Cardio and Health IT News: Week of 2/22/16 

Security breach, telehealth, and Obamacare

LUMEDX does the research for you! Here are some of the top stories in healthcare this week.

Security: Hospital pays ransom to get its data back from hackers

Security experts are concerned that a Southern California hospital paid a $17,000 ransom in bitcoins to hackers who infiltrated and disabled its network, saying that agreeing to the ransomers' demands could set a bad precedent. The hackers had encrypted the hospital's computer network and demanded the ransom to provide a digital decryption key to unlock it.

Healthcare could be major issue in presidential race

The future of U.S. healthcare--especially Obamacare, Medicare, and Medicaid--will be determined in this year's presidential election, and the candidates are offering starkly different visions. Democrat Hillary Clinton would uphold and expand the Affordable Health Act, while her primary opponent, Bernie Sanders, would replace it with a single-payer system. Republican Donald Trump expressed support for some facets of the ACA, while Republican Sens. Marco Rubio and Ted Cruz vow to end it.

51 hospitals settle with Justice Department in ICD case

The Department of Justice has reached settlements with 51 hospitals that allegedly improperly implanted implantable cardioverter defibrillators (ICDs) in Medicare patients. The department said it had reached settlements worth a total of more than $23 million with hospitals in 15 states for allegedly improperly implanting the cardiac devices.

Forbes blogger predicts expansion of concierge healthcare model

An opinion piece in  Forbes suggests that hospitals should consider offering concierge healthcare. The concierge model could help financially struggling providers by making them more attractive to wealthier patients who will pay for expedited access to high-caliber physician talent.

Experts call Zika 'the scariest virus since HIV'

As experts learn more about the mosquito-borne Zika virus, they are becoming more alarmed. The American Council on Science and Health referred to Zika as  "possibly the scariest virus since HIV" because it is carried by hard-to-escape mosquitoes and causes serious birth defects.

  • RSS

Statistics

  • Entries (214)
  • Comments (388)

Categories