CMS interoperability rule enacted: How providers should tackle API security Data Breach by Jessica Davis - July 14, 20210 Sculpture “Life in the Community” in located at the exterior of the Health Care Financing Administration, the CMS enforcement arm. (Credit: Carol M. Highsmith/Library of Congress via Wikimedia Commons) On July 1, the Centers for Medicare and Medicaid Services began the enforcement of its Interoperability and Patient Access final rule, designed
Report: Cyberattacks drive 185% spike in health care data breaches in 2021 Data Breach by Jessica Davis - July 13, 20210 Lt. Juliana Lavopa charts patient information in the intensive care unit aboard the hospital ship USNS Comfort. The COVID-19 pandemic response has dramatically increased the threat landscape in the health care sector, according to Fortified Health Security. (Credit: Mass Communication Specialist 2nd Class Sara Eshleman/Navy) More than 22.8 million patients have
Could allowlisting reduce the impact of ransomware, cyberattacks on health care? Data Breach by Jessica Davis - July 13, 20210 Medical staff members work in the COVID-19 ward nursing station at the United Memorial Medical Center on Dec. 29, 2020, in Houston. One CEO says allowlisting is ideal for health care security stacks. (Photo: Go Nakamura/Getty Images) A recent IDC report confirmed the health care sector is more vulnerable to the
PACS vulnerabilities, data breach spur lawsuit against radiology specialists Data Breach by Jessica Davis - July 12, 20210 The Danbury, Conn., office of Northeast Radiology. The radiology specialist and its vendor Alliance HealthCare are being sued by patients impacted by its nine-month, PACS-related health care data breach. (Credit: Northeast Radiology) Northeast Radiology and its vendor Alliance HealthCare Services are facing a class-action lawsuit, more than a year after reporting
Data of 1.2M patients stolen prior to third-party vendor ransomware attack Data Breach by Jessica Davis - July 10, 20210 University Medical Center of Southern Nevada is among the list of providers that reported a breach of health care information in the last week. (University of Nevada School of Medicine, Las Vegas) Practicefirst Medical Management Solutions and PBS Medcode recently notified 1.2 million patients that their data was accessed and stolen
CMS, NIH ERM programs failed to account for national security risks, says OIG Data Breach by Jessica Davis - July 9, 20210 The National Institute of Health (NIH) Clinical Center in Bethesda, Md. An OIG audit found security gaps in the NIH and CMS enterprise risk management (ERM) programs. (Credit: Duane Lempke, CC0, via Wikimedia Commons) The Centers for Medicare and Medicaid Services enterprise risk management policies and procedures do not account for
Kroger reaches $5M settlement with breach victims, as Supreme Court defines ‘actual harm’ Data Breach by Jessica Davis - July 8, 20210 Kroger reached a $5 million lawsuit settlement with individuals impacted by a breach reported in February, as the Supreme Court hands down a decision on who can seek damages when a breach occurs. Here, a Kroger pharmacy personnel administers a vaccine. (PRNewsfoto/The Kroger Co.) Kroger reached a $5 million lawsuit settlement
Critical vulnerabilities in Philips Vue PACS devices could allow remote takeover Data Breach by Jessica Davis - July 8, 20210 A physician reviews medical images with the Philips Image Viewer for Vue PACS. Philips recently disclosed 15 critical vulnerabilities and provided patches or workarounds to remediate the risk. (Credit: Philips) Multiple critical vulnerabilities in Philips Clinical Collaboration Platform Portal could enable an attacker to take control over an affected system, according
HHS urges providers to secure PACS vulnerabilities exposing medical images Data Breach by Jessica Davis - July 6, 20210 Seen here, a Naval Medical Center San Diego’s Radiology Department. Radiology departments commonly leverage PACS to share medical images with other providers, but the tech holds inherent flaws that could enable the exposure of medical images. (Mass Communication Specialist Seaman Luke Cunningham/U.S. Navy) Health care entities should review system inventories to
Dominion National reaches $2M settlement over nine-year data breach Data Breach by Jessica Davis - July 6, 20210 A patient receives an eye exam at a free health clinic. The health plan administrator Dominion National reached a $2 million settlement with the 2.9 million patients affected by a data breach. (Photo by John Moore/Getty Images) Insurance giant Dominion National reached a $2 million settlement with the 2.9 million patients