The healthcare industry is now the second most targeted vertical in the world, however despite increased regulatory oversight, cyber threat awareness and security investments, breaches continue to happen. Personal health information (PHI) and electronic health records (EHR) are particularly sensitive as they are...
The U.K.'s data protection regulator has fined Bupa Insurance Services £175,000 ($228,000) for failing to stop an employee from stealing 547,000 customer records, which were later offered for sale on the dark web. The ICO found that the health insurer's CRM system lacked adequate security controls.
The latest edition of the ISMG Security Report features Barbara Simons, co-author of the book "Broken Ballots," discussing why she believes it's a "national disgrace" that some states are relying on computer voting with no provision for recounts. Also: Update on breach lawsuit against Premera Blue Cross.
Almost 6 million Americans had their patient records stolen or exposed in healthcare breaches over the past year with ransomware being a frequent and highly effective form of attack. Recent successful variants such as SamSam and Ryuk have caused an estimated $7 million in damages alone.
Clearly, ransomware is a...
When is it acceptable to allow healthcare workers to use their personal smartphones to access patient records? A recent incident at the Oklahoma Department of Veterans Affairs spotlights the dilemma.
As the HIPAA security rule turns 20, it's time for regulators to make updates reflecting the changing cyberthreat landscape and technological evolution that's happened over the past two decades, says security expert Tom Walsh.
As Amazon expands its activities in healthcare, include a high-profile venture into the pharmacy business, the online retail giant will face a wide variety of important privacy issues, attorneys Jeffrey Short and Todd Nova explain.
Medical testing laboratory firm LabCorp is still working to fully recover systems functionality nearly a week after a cyberattack that the company now claims involved "a new variant" of ransomware. What can other organizations do to avoid becoming the next victim?
A mental healthcare practice's decision to pay a ransom to have sensitive patient data unlocked illustrates the difficult choices that organizations can face when attempting to recover from a ransomware attack.
At its core, HIPAA compliance is simply about maintaining patient privacy by ensuring the appropriate access to and use of patient data by your users. Electronic Health Record (EHR) solutions provide detail around when patient data is accessed, but without visibility into what users do with sensitive patient data...
CynergisTek's 2018 report aggregated ratings from security assessments performed at hundreds of healthcare organizations in 2017 to reveal an average 45% conformance with NIST Cybersecurity Framework (NIST CSF). The report found that of the NIST CSF five Core Elements, organizations had the lowest ratings in detecting...
The high-profile breaches of Fortune 100 companies are the ones that get the headlines, but small and midsized businesses should not breathe any sighs of relief. They are very much still targets, says Austin Murphy of CrowdStrike. He offers cybersecurity advice to SMBs.
The year's CrowdStrike® Global Threat Report offers one of the industry's most comprehensive reports on today's most damaging cyberattacks and dangerous adversaries. It contains valuable insights into the evolving threat landscape and includes recommendations that will help you be better prepared for the security...
With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? This whitepaper discusses healthcare's complex convergence of innovation and compliance.
While this is a very...
Many banking institutions boast of being "digital first" and enabling "omnichannel banking." But are they fully aware of the new fraud risks they also are inviting? This whitepaper takes a deep dive into discussing how to mitigate omnichannel fraud and why it is not just a banking issue. There is a need for...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.