Cybersecurity Archives - HIT Leaders and News

Cybersecurity

UC San Diego Health Notifies Patients of Vendor Data Collection Issue

UC San Diego Health is notifying patients that its technology vendor, Solv Health, used analytics tools without its authorization on the scheduling websites for our Urgent Care and Express Care clinics. The analytics tools they used on the scheduling websites captured and transmitted information to their third-party service providers.

Agencies Recommend Action to Protect Networks from Compromise

The Cybersecurity & Infrastructure Security Agency this week released recommendations to help health care and other critical infrastructure organizations protect their networks from malicious cyber actions, based on a simulated attack the agency conducted against an organization at its request.

Digital Healthcare Platform Ordered to Pay Civil Penalties and Take Corrective Action for Unauthorized Disclosure of Personal Health Information

The Department of Justice, together with the Federal Trade Commission (FTC), announced today that the government has resolved allegations that GoodRx Holdings Inc., doing business as GoodRx Gold, GoodRx Care, and Hey Doctor (GoodRx), violated the FTC Act and the FTC’s Health Breach Notification Rule. Pursuant to a settlement by the parties, a consent order was entered last Friday by the U.S. District Court for the Northern District of California.

Lawsuits Filed Against Louisiana Hospitals

Two of the largest hospital networks in Louisiana have been using a tracking code embedded deep in their websites that shares sensitive patient data without the patients’ knowledge or consent, according to class-action lawsuits filed by Herman Herman & Katz trial lawyers.

US Not-for-Profit Hospital Cyberattacks Could Signal Greater Risk

Recent coordinated cyberattacks on US not-for-profit (NFP) hospitals and health systems’ websites are unlikely to drive any downgrades, but the attacks highlight the growing risks and capabilities of threat actors who could cause greater harm through more malicious attacks that affect healthcare delivery, Fitch Ratings says.

DCH: Notice to Our Patients of Data Privacy Event

DCH Health System has processes in place to audit workforce members’ access to electronic medical records maintained for the hospital’s patients. During a routine privacy audit on December 9, 2022, it was discovered that one of the hospital’s employed workforce members accessed the electronic medical records of a patient on December 5, 2022 without an apparent business reason. Upon further investigation, on December 12, 2022, DCH Health System discovered this employee had accessed and viewed additional DCH patient electronic medical records between September 2021 and December 9, 2022, without a legitimate business need related to the employee’s job duties.

Lab Pays $16,500 Settlement to HHS, Resolving Potential HIPAA Violation over Medical Records Request

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services announced a settlement with Life Hope Labs, LLC (“Life Hope Labs”), a full-service diagnostic laboratory in Sandy Springs, Georgia, concerning a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule’s right of access provision. The rule requires that patients be able to access their health information in a timely manner

Howard Memorial Hospital in Southwest Arkansas Says Patient and Employee Data Stolen in Cybersecurity Attack

Howard Memorial Hospital in the Southwest Arkansas town of Nashville announced it had a data breach that may affect the confidentiality and security of patients as well as current and former employees.

Ransomware Attack at Lake Charles Memorial Health System Impacts 270,000 Patients

Hackers accessed the personal data of nearly 270,000 patients in an attempted ransomware attack on Lake Charles Memorial Health System in Louisiana during October of 2022.

Survey Shows Consumers are Excited, but Concerned, about Connected Healthcare Technologies

Trusted Future published a comprehensive national survey of 2,414 Americans to better understand how consumers are using connected health technologies to improve health, the barriers they feel must be overcome, and the potential steps policymakers can take to further improve outcomes from digital health technology.

CloudWave Acquires Sensato Cybersecurity

CloudWave, a provider of healthcare data security, announced the company has acquired Sensato Cybersecurity. Sensato, a managed cybersecurity services company focused on protecting healthcare providers from ransomware events and other cybersecurity threats, was founded by long-time health information technology visionary John Gomez, who will join CloudWave as chief security and engineering officer.

KLAS Research and Censinet Recognize Carium as Cybersecurity Transparent Leader at HLTH 2022

This week at HLTH in Las Vegas, Carium was presented an award for cybersecurity transparency by KLAS, a healthcare research and insights firm, and Censinet, the leading provider of healthcare IT risk solutions. This designation indicates Carium’s Care Experience Platform (CXP) meets rigorous requirements for deployment and integration into a healthcare provider’s environment.

Clinical Asset Management Leader TRIMEDX Announces Collaboration With Indiana University Health’s Medical Device Security Lab

TRIMEDX, a technology-enabled provider of clinical engineering, medical device cybersecurity, and clinical asset management solutions, announced a collaboration with Indiana University Health to develop a cybersecurity lab to test medical device security and reduce device security threats as part of the product development process.

How and Why Healthcare Organizations Need to Prioritize Risk Management

Healthcare organizations are facing an unprecedented level of cybersecurity risk. Within the first nine months of 2022, there have been more than 18,000 reported vulnerabilities – more than 600 new vulnerabilities per day. Research has shown that it takes an organization an average of 205 days to patch a vulnerability – more than six months. However, cybercriminals are weaponizing these vulnerabilities into zero day attacks in just three days. Is it any wonder that healthcare organizations are experiencing a record-breaking number of breaches?

Baton Rouge General Confirms Healthcare Data Breach

Baton Rouge, La.-based General Health System, which operates Baton Rouge General Medical Center, has confirmed that unauthorized individuals gained access to its network and exfiltrated files containing patient data.

Back to top

Company

Policies

Social

Please follow and ‘Like’ us

© HIT Leaders and News, a GO Digital Media & Publishing LLP publication. All rights reserved.