Healthcare Cybersecurity Weekly Briefing 05-04-2018

Critical Informatics Healthcare Cyber Security

GDPR — Another Y2K or Real Apocalypse?
If you’ve been in this business long enough, you will have lived through multiple Hype Cycles. They start with some vaguely defined problem that, if not addressed, will lead to the end of the world, or at least the end of your and your organization’s world. We’ve seen this before, and now we’re about to see another wave of hype from GDPR, the EU’s latest personal privacy regulation, set to take effect on May 25, 2018. The world is holding its breath for that day, much as we held our collective breath for another hyped event on New Year’s Eve in 1999: Y2K. After our own thorough evaluation of the GDPR security requirements, we’ve compiled the essential information U.S. companies need to know.

Likely Ransomware Attack Exposes 85K Patient Records in CA
California-based Center for Orthopaedic Specialists (COS) admitted that a recent cybersecurity incident, which was described as similar to a ransomware attack, succeeded in encrypting 85,000 patient records. “The patient data that was encrypted by the unauthorized party could have included a patient’s name, date of birth, details about their medical records, and Social Security number. To the best of our knowledge, no patient information was downloaded or removed by the unauthorized party,” COS said in its April 18 web notice.

Best Practices for Keeping Patient Data Confidential
When you as a provider can promise that your patient’s private information actually stays private, you earn her trust, build solid relationships, and make your organization more credible. The effect helps differentiate you from other healthcare providers. Check out a few tried-and-true best practices for maintaining patient privacy and ensuring their information is safeguarded to the highest degree.

Helping Struggling Hospitals Recover from Ransomware Attacks
“Everybody has an ownership in terms of dealing with cybersecurity threats and in developing a cybersecurity strategy. Everybody has to be involved with it—providers, hospitals, third-party vendors, business associates, and employees,” he added. It is also important to get the boards of trustees involved in cybersecurity efforts at their organizations. Martinez related that he has been working in the healthcare industry for 40 years, including 20 years as a chief information officer in a variety of healthcare organizations.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.