Thousands of physicians’ notes and medical records were left exposed by a fax server error within Meditab, an all-in-one multi-specialty EHR, Practice Management and Billing software solution, TechCrunch first reports. Dubai-based cybersecurity firm SpiderSilk discovered the unsecured exposed fax server was running an Elasticsearch database with over 6 million records since its creation in March 2018. It is unknown if anyone else discovered the exposed fax server or how long the data was
Read More
healthcare security breaches
Protecting Medical Device Security in the Age of Ransomware
From medication pumps to pacemakers, people depend on lifesaving devices to live their healthiest possible lives and manage chronic ailments. Many of those patients likely hear about cybercriminals orchestrating massive data breaches, and might get concerned about one of those incidents compromising their information.However, they probably haven’t considered the hackers might target the devices in their bodies or the ones they otherwise use for better well-being.Hospitals Must Pay Attention to
Read More
Evolving Hacker Behaviors to Disrupt Healthcare Services
Most people don’t spend much time thinking about what complex organizations hospitals are. Whether anticipating the joyful arrival of a newborn baby or worrying about an unexpected illness or injury, hospital visitors aren’t usually thinking about cybersecurity. Even most hospital employees only see a piece of the big picture, with little reason to consider operational risk.But lots of people are indeed losing sleep over cyber threats to patient safety — IT administrators and clinical engineers
Read More
Survey: 69% of Healthcare Providers Plan to Transfer More Health Data to the Cloud
Despite the security risks, 69 percent of healthcare organizations plan to transfer more sensitive data to the cloud in the near future, according to the 2018 Netwrix Cloud Security: In-Depth Report for Healthcare. The report reveals that most healthcare providers store sensitive data, such as electronic protected health information (ePHI), personally identifiable information (PII) and financial data, in the cloud, yet only a few of them have pervasive visibility into who is accessing that
Read More
5 Lessons Learned From The WannaCry Ransomware Attacks for Hospitals
Editor's Note: Richard Sullivan is chief government and revenue officer for Medsphere Systems Corporation, the solution provider for the OpenVista electronic health record.Will information technology ever realize an imagined future where security is strong enough, reliable enough, secure enough to block any and all attacks?It’s a dubious proposition made more uncertain by the recent WannaCry ransomware incident that started a couple of weeks ago and continued around the globe for several days.
Read More
Ransomware Leads the Way in 2017’s Predicted Rise in Health Data Theft
Editor’s Note: Santosh Varughese is the President of Cognetyx, a provider of ‘Ambient Cognitive Cyber Surveillance’ to protect information assets against cyber security threats, data breaches and privacy violations. Welcome to 2017, the writing is on the wall and it didn’t take long to get there. Earlier this month Atlanta’s Emory Healthcare was hacked by the Harak1r1 the 0.2 Bitcoin Ransomware. A database from the facility’s Brain Health Center containing data from more than 200,000 patients
Read More
New HHS CyberSecurity Initiative: Too Little, Too Late?
Editor’s Note: D’Arcy Guerin Gue is a co-founder of Phoenix, with over 25 years of experience in executive leadership, strategic planning, IT services, knowledge leadership, and industry relations — with a special focus on patient engagement and federal compliance issues. She currently serves as the Director of Industry Relations at Phoenix Health Systems, a division of Medsphere SystemsAfter years of increasingly dangerous data security and privacy breaches across the American healthcare
Read More
Are EHR Vendors Hackers’ Next Big Target?
Editor's Note: Mark Menke is the Chief Technology Officer of Network DLP at Digital Guardian, a data protection firm. Mark has over 20 years of experience in various roles from ASIC Design to IT and Security Consulting roles. Over the course of 2015, countless data breaches occurred within hospital networks, health insurers, physicians’ offices, and other organizations in the healthcare industry. In fact, Community Health Systems, Premera and Anthem were just a few of the most notable names who
Read More
Newsflash: Healthcare Does Not Spend Enough on IT Data Security
Mathematically, the gap between $3.6 million and $17,000 is a chasm.This is something you know well if you’re Hollywood Presbyterian Hospital, which paid the latter number to unlock patient data held hostage by malicious hackers using ransomware when the former number is what the hackers initially asked for.While the dramatic reduction in ransom may have caused Hollywood Presbyterian to breathe a sigh of relief, there is no reason they or you should feel comforted. Consider this an initial shot
Read More
MedStar Cyber Attack Shows Need for HHS to Implement Cybersecurity Law
The FBI is investigating a Monday cyber attack by anonymous hackers that forced MedStar Health's 10 hospitals and more than 250 outpatient centers to shut down their computers and email. After the cyber attack was discovered, the provider immediately made the decision to take down all of their systems as a precaution to ensure further security breaches. The Washington, D.C.-based healthcare system employs more than 30,000 people and treats hundreds of thousands of patients in the Washington
Read More