Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

25K patients affected by stolen laptop

A laptop computer stolen from an employee of a Montana provider has put the personal information of some 25,000 patients at risk.

21K Blue Shield Calif. members affected by breach

A data breach has affected 21,000 Blue Shield of California members.

FDA's device cybersecurity draft guidance focuses on what manufacturers can do

The FDA has issued a draft guidance detailing the steps medical device manufacturers should take to continually address cybersecurity risks to keep patients safe and better protect the public health.

Records discovered in abandoned homeless shelter

An anonymous tip led to the discovery of thousands of patient and employer records in a vacant building that used to house a homeless shelter, according to 7 Action News in Highland Park, Mich. 

DeSalvo, Savage address HIPAA guidance for patient access

Patient access to their helath information is guaranteed by HIPAA and is a "fundamental component of a high quaity, person-centered health system," according to a post on the Office of the National Coordinator for Health IT's blog. 

Missing flash drive affects 29K in Indiana

A missing flash drive is at the center of a recent data breach, potentially impacting 29,000 patients in Indiana. 

Minn. records go to trash rather than shredder

Minneapolis-based Allina Health System is notifying more than 6,100 patients that documents containing their personal information, rather than hitting the shredder, were thrown away in the trash. 

NY provider fined $15K for HIPAA violations

It's a lot less than other recent settlements but the University of Rochester Medical Center (URMC) is the latest provider to settle HIPAA enforcement action brought by New York State Attorney General Eric Schneiderman.

Around the web

U.S. health systems are increasingly leveraging digital health to conduct their operations, but how health systems are using digital health in their strategies can vary widely.

When human counselors are unavailable to provide work-based wellness coaching, robots can substitute—as long as the workers are comfortable with emerging technologies and the machines aren’t overly humanlike.

A vendor that supplies EHR software to public health agencies is partnering with a health-tech startup in the cloud-communications space to equip state and local governments for managing their response to the COVID-19 crisis.