Healthcare Cybersecurity Weekly Briefing 03-02-2018

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

HIMSS18 Focusing on Holistic Healthcare Cybersecurity
This year’s privacy and security focused presentations, keynotes, and workgroups are highlighting the importance of a holistic healthcare cybersecurity program. Organizations should continue to focus on key topics such as maintaining HIPAA compliance, improving medical device security, and implementing comprehensive employee training. But increasingly sophisticated cyber criminals require entities to ensure that numerous areas of data privacy and security are considered.

 

Federal Watchdog Slams Health Net for ‘Unprecedented’ Refusal to Comply with Vulnerability Testing
Health Net later refused to comply with data requests necessary to perform critical vulnerability and configuration management testing. On Feb. 7, Health Net responded to a formal memo from OIG, indicating that it would not provide the requested documentation, nor would it allow the agency to conduct testing. “Health Net’s refusal to allow this standard audit test work as part of our audit leaves multiple questions about Health Net’s vulnerability and configuration management programs unanswered,” the OIG stated in its report.

 

Hacking Pacemakers is Good TV, but is it for Real?
“The likelihood of an individual hacker successfully affecting a cardiovascular implantable electronic device or being able to target a specific patient is very low. A more likely scenario is that of a malware or ransomware attack affecting a hospital network and inhibiting communication,” Lakkireddy said in a news release.

 

Imaging Systems Biggest Security Risk in Healthcare
The report reveals that the most common types of security risks were found to originate from user practice issues such as using embedded browsers on medical workstations to surf the web, conduct online chat or download content, which accounted for 41% of all security issues identified. This was followed by outdated operating systems or software such as the use of legacy Windows versions, obsolete applications and unpatched firmware.

 

OCR Highlights 8 Tips for Avoiding Healthcare Phishing Attacks
Healthcare phishing attacks are becoming more sophisticated, which is why organizations must remain vigilant in their detection measures, OCR explained in its recent cybersecurity newsletter. Hackers can take advantage of popular holidays to try and take advantage of individuals, and phishing attacks are also common during tax season, the agency stated. Spear phishing can also be especially damaging to healthcare.

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.