As health systems shore up their defenses against cybercriminals, they should openly communicate with their third-party vendors about data security risks and work together to actively manage those risks. That was some of the advice given by Aaron Miri, Baptist Health’s chief digital and information officer, during a Tuesday webinar.
HHS issued an alert warning providers about Rhysida, a ransomware gang that recently begun launching attacks on healthcare organizations. The group deploys its ransomware primarily through phishing attacks or the exploitation of legitimate cybersecurity tools.
Munck Wilson Mandala Partner Greg Howison shared his perspective on some of the legal ramifications around AI, IP, connected devices and the data they generate, in response to emailed questions.
The average cost of a healthcare data breach is now $10.93 million, up from $10.10 million in 2022, according to a new report. Healthcare has the highest data breach costs of all industries — breaches are second costliest in the financial sector, where the average cost is $5.9 million.
The Health3PT Initiative recently released recommendations on how providers can better address the cybersecurity risks linked to their third party reliance. Some of the group’s recommendations included ensuring that contract language ties financial terms to a vendor’s data management transparency and establishing metrics and reporting requirements for organization-wide vendor risks.
To prevent the proliferation of data security incidents in the healthcare industry, providers must examine their use of legacy systems as well as their reliance on third parties, according to a new report. It pointed out that most providers fail to probe their third-party partners' cybersecurity measures, and many continue to use legacy systems that are no longer supported by vendors or are hard to patch and update.
HCA Healthcare recently suffered a data breach affecting 1,038 hospitals and physician clinics across 20 states. The health system said hackers stole data from an external data storage location "exclusively used to automate the formatting of email messages." It also said that the incident has not caused any disruption to HCA's daily operations or the services it provides to patients.
At the Abarca Forward conference earlier this year, George Van Antwerp, managing director at Deloitte, discussed how social determinants of health and a personalized member experience can improve medication adherence and health outcomes.
Clop, a Russian ransomware gang known for going after healthcare providers, has been recently exploiting a software vulnerability called MOVEit. Johns Hopkins University and its health system were recently victims of a data breach caused by hackers targeting this vulnerability, as was Texas-based Harris Health System.
HC3 recently warned healthcare providers about a "relatively unknown" ransomware gang named TimisoaraHackerTeam. The group leverages legitimate software tools like Microsoft’s BitLocker and Jetico’s BestCrypt to deliver its malware.
A group of federal agencies recently released an updated set of guidelines to help healthcare organizations protect themselves from ransomware attacks and the data breaches that often follow. The guidance lays out best practices to prevent the six major ways that bad actors gain access to providers’ systems, which include compromised credentials and phishing.
Regulators have become increasingly concerned about the potential for medical devices to become a vector for spreading malware attacks across hospital networks, resulting in untold patient harm and billions of dollars globally.
We will highlight Build My Health's revenue practice management tools, which could help physician practices add up to $250,000 to their practices.
Federal officials are sounding the alarm on two ransomware groups that are actively targeting the healthcare sector: Cl0p and LockBit. In recent months, the groups have been exploiting three known software vulnerabilities in cyberattacks they have waged against healthcare businesses across the country.
The Health Sector Cybersecurity Coordination Center (HC3) recently issued a report letting healthcare organizations know that they are still being heavily targeted by KillNet, a Russian group of cybercriminals. The number of daily attacks KillNet waged against healthcare organizations using Microsoft Azure increased significantly between November 18 and February 17 — from 10-20 attacks per day in November to 40-60 attacks per day in February.
The ViVE conference in Nashville, powered by HLTH and CHIME, offered an overview of the latest developments in health tech spanning interoperability, cybersecurity, price transparency, behavioral health and health equity.
In an interview at the Vive conference in Nashville, Tennessee, Craig Richardville, Intermountain's chief digital and information officer outlined the three areas of priority for Intermountain Health for which technology can be leveraged. But when it comes to a major headache for CIOs, Richardville seems to suggest that a government-led all-hands-on-deck approach is what is needed.
Executives from health systems and subject matter experts shared how they are contending with data security challenges, particularly training to change behavior and acquiring expertise in cybersecurity.