Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

7 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 7 most recent headlines Filtered view
Bank Info Security 2 years, 5 months ago

HHS Rule Aligns Substance Disorder Privacy Regs With HIPAA

Final Rule for 42 CFR Part 2 Changes Aims to Improve Patient Care CoordinationThe Department of Health and Human Services has finalized regulations to better align federal requirements for the confidentiality of substance use disorder records with privacy protections afforded under HIPAA. The aim is to improve care coordination while enhancing sensitive data protections.

Bank Info Security 2 years, 5 months ago

Feds Warn Health Sector About Akira Again, Amid New Attacks

Recent Victims Include Pennsylvania Emergency Dispatch SystemU.S. federal authorities are again warning the healthcare sector about threats from the Akira ransomware group. The latest alert comes on the heels of several recent attacks by the gang, including one last month on Bucks County, Pennsylvania, which affected an IT system used by emergency responders.

Bank Info Security 2 years, 5 months ago

Breach Roundup: US Bans AI Robocalls

Also: A Widespread Linux Bootloader VulnerabilityThis week, the U.S. banned AI robocalls, researchers discovered a Linux bootloader flaw, France investigated health sector hackings, the feds offered money for Hive information, Verizon disclosed an insider breach, Germany opened a cybersecurity center, and cyberattack victims reported high costs.

Bank Info Security 2 years, 5 months ago

Record-Breaking Ransomware Profits Surpassed $1B in 2023

Ongoing Innovation and Sophistication Drive Unparalleled ProfitsAttackers wielding ransomware collectively earned over $1 billion last year - breaking previous records. Their increasingly sophisticated attacks targeted "high-profile institutions and critical infrastructure, including hospitals, schools and government," reported Chainalysis.

Bank Info Security 2 years, 5 months ago

Medical Center Fined $4.75M in Insider ID Theft Incident

HHS OCR Says a Malicious Worker Stole and Sold Patient Information in 2013HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013. The hospital said it has beefed up its security and privacy since the incident occurred.

Bank Info Security 2 years, 5 months ago

Systems, Phones Still Offline at Chicago Children's Hospital

Cyberattacks on Pediatric Facilities Are Rare But Considered Especially EgregiousNetwork systems - including phones, email, electronic health records and patient portals - remain offline at a Chicago children's hospital and research center nearly a week after it was hit by a cyberattack. Such incidents targeting entities that cater to kids are especially egregious, experts say.