HEALTHCARE INFOSECURITY NEWSLETTER

April 2019

[Blog] The Skills and Qualifications Incident Response Professionals Need to be Successful

Macie Thompson, deltarisk.com, April 2, 2019

Are you planning to apply for a job in cyber security as an incident response professional? In this blog, we outline the skills and qualifications you will need to get there!

Read More

[Blog] G Suite Security: Five Mistakes Every Admin Should Avoid

Tempy Wright, deltarisk.com, March 28, 2019

Is your business migrating to or using G Suite? Check out our blog post on the top five mistakes that admins often make when dealing with G Suite security and tips for avoiding them.

Read More

Potentially Massive Breach of Protected Health Information Discovered

hipaajournal.com, March 19, 2019

California-based medical software provider Meditab Software Inc., and it’s Puerto Rico-based affiliate, MedPharm Services have suffered a massive breach of protected health information. Meditab provides electronic medical record (EMR) and practice management software to hospitals, physician’s offices, and pharmacies. According to the company website, its software is used by more than 2,200 healthcare clients.

Read More

Pen Testing of HHS Units Reveals Weaknesses

healthcareinfosecurity.com, March 14, 2019

Operating divisions of the Department of Health and Human Services need to shore up security controls to more effectively detect and prevent certain cyber-attacks, according to a new federal watchdog report. In a summary report, the HHS Office of Inspector General highlighted several security controls that need improvement across eight HHS operating divisions.

Read More

Healthcare Organizations Battling Phishing Attacks

reuters.com, March 8, 2019

Many healthcare organizations remain vulnerable to phishing attacks, a new study finds. When researchers sent simulated phishing emails, nearly one in seven of the messages were clicked by employees of healthcare systems, according to the report published in JAMA Network Open. In recent years, healthcare networks have had patient data exposed as a result of phishing attacks, and one large hospital network was crippled for two weeks by a computer virus, the study team notes.

Read More

Thousands of Patients Impacted by Ransomware Attack at Medical Billing Company

tripwire.com, March 7, 2019

Following a ransomware attack at a medical billing company, thousands of patients are being warned that their highly sensitive medical information and personal details were included the breached data. Michigan-based Wolverine Solutions Group (WSG) says that it discovered its systems had suffered a security breach on September 25 last year. Malware had infected the company’s computers and encrypted many of the firm’s records, rendering them inaccessible.

Read More

Hospitals’ Spending Lags on Digital Security

courier-tribune.com, March 11, 2019

Health care providers spent about five percent of their total information technology budgets on security last year, according to Gartner, a global research and advisory company. By comparison, banking and financial services companies spent 7.3 percent, retail and wholesale spent 6.1 percent and insurance spent 5.7 percent. Across 13 industries measured, the average was 6 percent.

Read More

Hospitals, Banks Face Greatest Financial Impact from Cyber Attacks

healthitsecurity.com, March 7, 2019

Hospitals, security firms, banks, market infrastructure providers potentially face the greatest financial impact from cyberattacks, which could lead to a weakened credit profile, according to a recent Moody’s Investors Service report. These four sectors represent $11.7 trillion in Moody’s-rated debt outstanding and are at a high risk of cyber exposure, the report authors wrote. The risk is tied to the four sectors’ reliance on confidential information and technology.

Read More

Device Makers Looking to FDA for Direction on Cyber Security

news.bloomberglaw.com, March 18, 2018

Medical device manufacturers grappling with a multitude of cyber security issues await final direction from the federal government on better protecting patients and managing risk. The Food and Drug Administration’s recently solicited comments on its draft premarket cyber security guidance. The proposed guidance provides updated recommendations for device manufacturers on how they can better protect their products from risks like ransomware or a catastrophic attack on a health system.

Read More