Cybersecurity

HHS, FDA, VA among the 24 federal agencies with ineffective security, report says

Inspector generals and GAO have made hundreds of recommendations to these agencies about deficiencies in security controls, but many have yet to be fully implemented.The U.S. Department of Health and Human Services, Food and Drug Administration and the Department of Veterans Affairs are among the 24 federal agencies with widespread security failures due to ineffective

[ Read More ]

How your hospital can avoid ransomware attacks & safeguard patient info

Tech attacks have become even more common in recent months for healthcare organizations and hospitals. In fact, hundreds of thousands of computers and systems have been brought down by ransomware, and this trend is poised to continue. Cyberattacks like WannaCry have exposed vulnerabilitiesin many operating systems that must be addressed by IT departments.

[ Read More ]

Cybersecurity ‘context’ matters when protecting patient data, expert says

Infosec teams need to know about EHRs, timing eccentricity and other challenges of detecting inappropriate access.Information security teams use many tools to protect patient data and now a Vanderbilt University researcher said its time to add a new tactic for detecting inappropriate access to medical information. The industry needs to move beyond statistical anomaly detection

[ Read More ]

Aetna’s New Approach to Authentication

Aetna will move from passwords to continuous behavioral authentication next year on its consumer mobile and web applications because it’s more secure and easier for the end user, says Jim Routh, the health insurer’s CISO.”Passwords as binary authentication tools have been standard but are really reaching an end of life. What’s necessary is more of

[ Read More ]

Solution for cybersecurity staff shortage

Amidst increasing incidents of cybercrime, many employers are looking to expand their cybersecurity teams this year to better protect their systems against threats. In the healthcare industry, employers plan to expand staff by 20% or more, according to the (ISC)2 Global Information Security Workforce Study (GISWS). However, such expansion plans may not push through given

[ Read More ]

Analyzing Changes to EHR Certification Practices

Recent changes by the Department of Health and Human Services to the certification program for electronic health record software could potentially weaken efforts to ensure EHRs meet federal requirements, including those that impact security, says healthcare attorney Maya Uppaluru, a former staff member at HHS’ Office of the National Coordinator for Health IT.

[ Read More ]

Hacking still healthcare’s top threat, but insider threats often go unnoticed

More than half of Augusts breaches were caused by hacking incidents, while one insider hack went undetected for two years, according to the latest Protenus Breach Barometer.Healthcare is still struggling with two major threats: hacking and insider threats, according to the August Protenus Breach Barometer released on Wednesday.Protenus analyzed data compiled from the U.S. Department

[ Read More ]

Partnership hopes to help organizations better gauge 3rd party cyber risks

CyberGRX and BitSight merge their tools as this type of risk is a top cybersecurity concern for healthcare organizations.Accounting for the risk third-party systems and services bring into a healthcare organization is a top challenge for hospitals and health systems trying to bolster their cybersecurity posture.As healthcare digital ecosystems continue to expand, the number of

[ Read More ]