Healthcare Cybersecurity Weekly Briefing 06-22-2018

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

CI Security Creates Healthcare Board of Advisors 
The nine-member board is composed of current and former leaders of hospitals, clinics and insurers, as well as healthcare technology and healthcare investment firms. “The board members are extremely knowledgeable and experienced in a variety of healthcare sectors,” noted founder Michael Hamilton. “Their insights are incredibly valuable as we continue to improve our cybersecurity solutions to secure life-saving medical systems and protect patient data.

Healthcare Orgs, Device Makers Debate Cybersecurity Vulnerabilities
A number of medical organizations have submitted recommendations to the House Energy and Commerce Committee on how to reduce cybersecurity vulnerabilities in aging healthcare IT systems and medical devices under the committee’s Supported Lifetimes initiative. […] The American Hospital Association (AHA) noted that legacy devices are a key vulnerability to the healthcare system and called on manufacturers to provide better support to improve the security of their devices.

Dignity Health Under Investigation After Data Breach Affects 56K Patients 
The breach stemmed from a sorting error on an email list formatted by Healthgrades, an online appointment-scheduling site under contract with Dignity. The error led Dignity to accidentally send misaddressed emails to patients that included the wrong patient’s name, and in some cases, their physician’s name.

New Research Shows Patients Harmed by Medical Device Breaches
The survey, conducted by researchers at the University of California San Diego, is scheduled for publication in an academic journal. The results were announced by Christian Dameff, M.D., an emergency physician and clinical informatics researcher at UCSD at the HIMSS Healthcare Security Forum this week. The survey was conducted anonymously since cybersecurity vulnerabilities are a difficult area to study “despite such surveys being prone to bias,” Dameff told FierceHealthcare.

University of Texas MD Anderson Cancer Center was Fined $4.3M for Data Breaches
In 2012 a laptop containing 30,000 records was stolen from an employee’s home and later that same year a researcher at the center lost a USB drive containing patient records while on a shuttle bus. Another USB device containing patient data was lost the following year and in all cases the devices were unencrypted despite HIPPA privacy rule mandating encryption. The fine is for violations of the Health Insurance Portability and Accountability Act and is noticeably higher than previous breaches signaling officials are starting to failures to secure patient data more seriously.

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.