Healthcare Cybersecurity Weekly Briefing 05-18-2018

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

DHS Issues Cybersecurity Warning on Philips’ CT Scanners: 5 Things to Know
Philips reported various vulnerabilities in its Brilliance CT scanners to the National Cybersecurity and Communications Integration Center, the center wrote in a May 3 advisory. The NCCIC, part of the U.S. Department of Homeland Security, serves as a national hub for cybersecurity information and technical expertise, and operates a 24/7 analysis and incident response center. Here are five things to know about the vulnerabilities, which NCCIC wrote have the potential to affect healthcare and public health sectors worldwide.

When Medical Devices Get Hacked, Hospitals Often Don’t Know It
The past three months have seen a record high in medical device recalls, increasing 126 percent in the first quarter of 2018 from last year, according to the Stericycle Recall Index. The biggest culprit was software, which is unsurprising given the increase in high-tech devices that often run on legacy systems. While many healthcare systems have legacy platforms running on some aspect of its network — think MRIs and X-Ray machines — medical devices are one tool that can directly put patients at risk if a breach or software failure were to occur. “Security on devices doesn’t just impact HIPAA, it affects patient safety,” said Christian Dameff, MD, an emergency room doctor at the University of California San Diego.

The Oregon Clinic Patient PHI Exposed via Email Breach
The Oregon Clinic discovered on March 9 that an unauthorized third party had accessed an email account possibly exposing the personal health information for some of its patients. The clinic, which offers a wide variety of health-related services, investigated the incident and on April 19 determined that the incident only affected a single email account and the hacker did not gain access to any other part of the clinic’s network. The breach possibly revealed names, dates of birth, and certain medical information to include medical record numbers, diagnosis information, medical condition, diagnostic tests performed, prescription information, and/or health insurance information. In addition, some people may have had their Social Security numbers exposed.


Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.


Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.