Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

9 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 9 most recent headlines Filtered view

Cash splashed on damages, infrastructure improvements, and fraud monitoring A Seattle cancer facility has agreed to fork out around $52.5 million as part of a class action settlement linked to a Thanksgiving 2023 cyberattack where criminals directly threatened cancer patients with swat attacks.…

Breaking Out of the Security Mosh Pit When Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn't mince words: "Healthcare loves to walk backwards into the future. And this is how we got here, because there are a lot of things that we could have prepared for that we didn't, because we were so concentrated on where we were." This chaotic approach has

Catholic Healthcare Organization Took IT Systems Offline in Response to IncidentCovenant Health, a Catholic healthcare organization serving New England and parts of Pennsylvania, is dealing with a cyber incident that has forced the entity to take its IT systems offline, affecting services at several of its facilities. That includes some hospitals and medical testing labs.

Case Stems From 'Malicious Insider' Accessing One Patient's Medical InformationA Florida health system paid $800,000 and will implement a corrective action plan to settle a federal HIPAA investigation into a malicious insider incident involving a patient's medical records in 2018. BayCare Health System did not admit wrongdoing.

Bank Info Security 1 year, 1 month ago

State of Healthcare Cybersecurity: Progress and Pitfalls

Phil Englert of Health ISAC, Murad Dikeidek of UI Health on Conquering ChallengesWhile the healthcare sector is making progress in cyber resilience, it still faces deep-rooted challenges, including collaboration, cyber workforce issues and budget constraints, necessitating a constant need for adaptation and re-prioritization, say security experts Phil Englert and Murad Dikeidek.

Bank Info Security 1 year, 1 month ago

Revenue Cycle Management Firm's Data Breach Total Soars

ALN Medical Management Now Says 1.82 Million Affected in 2024 Hacking IncidentThe number of people affected by a March 2024 hack on a healthcare revenue cycle management and billing services provider has soared in recent weeks to more than 1.82 million, as the company continues to file updated breach reports to state and federal regulators.

Some Patients Threatened Directly by Hackers; Center to Spend $13.5M on SecurityA Seattle cancer center has agreed to pay $11.5 million to settle a proposed class action lawsuit involving a 2023 double-extortion ransomware attack that affected 2.1 million people, with some patients directly threatened by hackers with swatting attacks if they didn't pay a ransom.

Bank Info Security 1 year, 1 month ago

AI in Healthcare: Top Privacy, Cyber, Regulatory Concerns

Emerging artificial intelligence and machine learning technologies being applied in the health and wellness space that are not necessarily covered by HIPAA but instead fall under a variety of tough new state privacy laws that are being enacted, said attorney Lily Li of Metaverse Law.