Healthcare Cybersecurity Weekly Briefing 11-10-2017

Critical Informatics Healthcare Cyber Security

Critical Informatics Healthcare Cyber Security

Prioritizing Data Security Strategies for Health IT Infrastructure
Data security issues often arise with HIT infrastructure as organizations begin to make the upgrade from legacy systems, which may include an older operating system that is no longer supported or medical devices that were not originally designed to be connected to the internet. […] How do HIPAA rules apply to health IT infrastructure components, and how can organizations embrace new technologies while maintaining a high level of data security?

 

Cybersecurity Threats Pose Biggest Healthcare Hazard, ECRI Reports
Malware attacks in healthcare can put patient safety at risk, shutting off access to records, taking down medical devices and interrupting supply chains, according to a new report from the ECRI Institute that puts ransomware and cybersecurity threats at the top of its technology hazards list for 2018. […] As expected, the number of data breaches in healthcare is on the rise. So far, there have been more data breaches in 2017 than there were in 2016. Between Jan. 1 and Nov. 1, 2017, there were 255 breaches submitted to the Office for Civil Rights that are still under investigation and another 34 breaches that have been resolved—a total of 289.

 

Stakeholders Stress Healthcare Cybersecurity Focus for HHS
“We call on the Department to prioritize cybersecurity both within the Department and across the sector,” CHIME stated. “The recent attacks and referenced articles should serve as a call to action for the industry to collectively pursue actions to improve our cybersecurity posture including devoted increased attention to building and sustaining an amply equipped workforce to tackle increasing cyber threats.”

 

Unisys Predicts Proliferation of IoT and Other Connected Technologies Will Accelerate Security Threats to Life Sciences and Healthcare Industry
According to a recent report, in the second quarter of 2017 life sciences and healthcare organizations suffered more security incidents than any other industry, surpassing the public sector. Simultaneously, as more providers utilize personal or hand-held devices to access data, it means extremely valuable patient data is more vulnerable to cyber threats. In the coming years, the industry will see a rapid rise in ransomware and DDoS attacks that threaten patient data, as well as the business reputations of the organizations trusted to protect it.

 

Hacking Medical Devices is the Next Big Security Concern
The problem is widespread, it seems. Earlier this year, security firm Trend Micro conducted a study using Shodan, a search engine that indexes internet-connected devices, and found over 100,000 records relating to medical equipment and hospital computers worldwide that are openly exposed and potentially vulnerable to attack. […] Hackers are still one step behind on launching the kinds of sophisticated attack that would be needed to threaten patient health and hold hospitals to ransom, she says. But, she adds, “If had to go into hospital, I’d still be very concerned.”

 

Increased Patient Data Access Requires Strong Health Data Security
As more healthcare organizations offer increased options for patient data access, it is crucial that health data security measures do not become an afterthought. HIPAA regulations allow for patients to access their own health data, but there are still crucial privacy and security considerations that must be adhered to.

 

‘NHS Cyber Security Batsignal’ Peer-to-Peer Alerting System to Launch Next Month
The new community-developed incident and alerting service is designed to provide immediate alerts of future cyber security incidents and enable sharing of information on how to respond, ensuring digital leaders across the NHS can remain in contact even if official channels are out of action.

 

Security, Privacy Issues We Need to Solve Before Non-Medical Implants Become Pervasive
The cybernetic revolution is happening, and it’s imperative that civil liberties and privacy issues are addressed by system designers, innovators, regulators, and legislators, says James Scott, a Senior Fellow at cybersecurity think tank ICIT (Institute for Critical Infrastructure Technology). […] If we fail to do that, he says, there may not be any way to mitigate the onslaught of privacy and security harms poised to disrupt humanity’s potential evolution.

 

Stay up to date on the Healthcare Information Security news that you need to know by signing up for our Healthcare Briefing Here.

====

Critical Informatics and the Critical Informatics logo are the trademarks of Critical Informatics, Inc. All other brand names, trademarks, service marks and copyrights are the property of their respective owners.  © 2017 Critical Informatics, Inc. All rights reserved.

//]]>