Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Breached Change Healthcare server lacked multifactor authentication, UnitedHealth CEO admits
UnitedHealth CEO Andrew Witty told the Senate Finance Committee that systems have been rebuilt “from scratch” in light of the oversight.
Kaiser Permanente exposed data on 13.4 million members to tech companies
Tracking technologies sent patient information to advertisers such as Microsoft, Google and Meta.
Hackers were inside Change Healthcare’s systems 9 days before attack
UnitedHealth Group confirms hackers have personal data on “a substantial proportion of people in America."
Atrium Health sued for violating patient privacy, sharing data with Facebook and Google
In a court filing, the plaintiffs claim Atrium Health used Meta's Pixel code on its website, resulting in patients receiving targeted ads.
Massive data trove from Change Healthcare hack now for sale on dark web
Cybercriminal group RansomHub claims to have protected health information from nearly every American.

NIST announces plans to develop privacy framework

The National Institute of Standards and Technology (NIST) is creating a voluntary privacy framework that will help organizations find better ways to protect individuals’ private information in an age of new technology.

September 6, 2018

Report: Internal actors responsible for most healthcare breaches

Most system breaches that expose protected health information stem from internal actors, according to Verizon’s 2018 Protected Health Information Data Breach Report.

September 5, 2018

Houston hospital fires nurse after posting about measles patient in anti-vaxxer Facebook group

Texas Children’s Hospital has fired a nurse after she posted information about a child testing positive for measles to Facebook. The woman commented about the child’s symptoms in a group dedicated to so-called “anti-vaxxers,” who question the safety and effectiveness of vaccinations.

August 30, 2018

Phishing attack on AU Health exposes information of 417K people

The personal health information of 417,000 people may have been exposed following a phishing attack that targeted Augusta University (AU) Health in Augusta, Georgia.

August 28, 2018

Doctors, patients question privacy of medical records

After a note about a patient and her family was shared with another doctor, one physician looked at the benefits and consequences of having open medical records.

August 24, 2018

Judge approves Anthem's $115M settlement for data breach

Anthem, Inc.'s $115 million settlement for a data breach that exposed the personal information of millions has been approved by a federal judge, according to a report by Bloomberg Law.

August 20, 2018

More healthcare providers purchasing cyber insurance

With an increase of technology in the healthcare industry, providers now have a greater risk of being hacked and patient data being exposed. Due to that growing threat, more physicians are purchasing cyber insurance.

August 20, 2018

Survey: Only 18% of EHR safety guidelines fully implemented

Voluntary guidelines designed to increase the safety of electronic health records (EHRs) have yet to be implemented fully, according to a survey published in the Journal of the American Medical Informatics Association.

August 16, 2018

Around the web

AI in Healthcare

Biden Administration itemizes AI accomplishments to date

Half a year after President Biden officially directed federal agencies in the executive branch’s bailiwick to “seize the promise and manage the risks” of AI, the White House has posted a status report.

Cardiovascular Business

‘Concerning’ data connect industry payments to cardiologists with medical device use

U.S. physicians often receive payments from medical device manufacturers and pharmaceutical companies. New research in JAMA found a connection between receiving such payments and using specific devices—should the industry be concerned?

Cardiovascular Business

Cardiology groups share key update: ABMS seeking feedback on proposed Board of Cardiovascular Medicine

Five of the largest U.S. medical societies focused on cardiovascular health are one step closer to seeing their paradigm-shifting proposal become a reality.

Cybersecurity

Breached Change Healthcare server lacked multifactor authentication, UnitedHealth CEO admits

Kaiser Permanente exposed data on 13.4 million members to tech companies

Hackers were inside Change Healthcare’s systems 9 days before attack

Atrium Health sued for violating patient privacy, sharing data with Facebook and Google

Massive data trove from Change Healthcare hack now for sale on dark web

Around the web