As health systems shore up their defenses against cybercriminals, they should openly communicate with their third-party vendors about data security risks and work together to actively manage those risks. That was some of the advice given by Aaron Miri, Baptist Health’s chief digital and information officer, during a Tuesday webinar.
The Health3PT Initiative recently released recommendations on how providers can better address the cybersecurity risks linked to their third party reliance. Some of the group’s recommendations included ensuring that contract language ties financial terms to a vendor’s data management transparency and establishing metrics and reporting requirements for organization-wide vendor risks.
Munck Wilson Mandala Partner Greg Howison shared his perspective on some of the legal ramifications around AI, IP, connected devices and the data they generate, in response to emailed questions.
To prevent the proliferation of data security incidents in the healthcare industry, providers must examine their use of legacy systems as well as their reliance on third parties, according to a new report. It pointed out that most providers fail to probe their third-party partners' cybersecurity measures, and many continue to use legacy systems that are no longer supported by vendors or are hard to patch and update.
Clop, a Russian ransomware gang known for going after healthcare providers, has been recently exploiting a software vulnerability called MOVEit. Johns Hopkins University and its health system were recently victims of a data breach caused by hackers targeting this vulnerability, as was Texas-based Harris Health System.
Cerebral recently notified 3.1 million of its users that their private health information was shared with tech companies like Meta, Google and TikTok. The data breach stemmed from Cerebral's use of pixel tracking technology, which the company said has been discontinued or reconfigured.
CommonSpirit Health is facing a proposed class-action lawsuit over a ransomware attack it suffered last fall that exposed 623,774 patients' personal data. However, hospitals' data breach lawsuits usually never make it court, a legal expert said.
At the Abarca Forward conference earlier this year, George Van Antwerp, managing director at Deloitte, discussed how social determinants of health and a personalized member experience can improve medication adherence and health outcomes.
In 2022, the healthcare sector is on track to meet or exceed the more than 50.4 million patient records that were breached last year. As we look ahead to 2023, increasing cybersecurity budgets will be a necessity for healthcare organizations, despite their tight financial circumstances.
ECRI recently issued an alert warning hospitals about the cybersecurity risks associated with the use of third-party analytics tools, such as Meta Pixel, Google Analytics and Adobe Analytics. When providers install these tools on their websites and patient portals, they may be exposing patient data — which tech companies can use to target medical-related ads to consumers as they browse the Internet.
Indiana University Health has begun working with healthcare technology company TRIMEDX to test the security of connected medical devices at the health system’s medical device security lab. At the lab, IU Health and TRIMEDX will focus on testing new devices, configurations and security settings, as well as actively scanning medical equipment for security vulnerabilities.
One of the most popular analyst terms in 2022, cybersecurity mesh is a defense method for securing each device and critical access points with their own security perimeter. It builds a foundation of dynamic interoperability in the environment, rather than the traditional security protections of a single perimeter.
We will highlight Build My Health's revenue practice management tools, which could help physician practices add up to $250,000 to their practices.
By replacing manual processes with automated, artificial intelligence-powered analytics, healthcare organizations can position themselves to maintain both patient trust and financial stability.
Touchstone Medical Imaging has agreed to pay $3 million to HHS' Office for Civil Rights to settle a breach that exposed more than 300,000 patients' protected health information.
The most recent Protenus Breach Barometer, which looked at data from April through June of 2018, found 3,143,642 patient records were exposed in 142 data breaches.
A survey of 101 healthcare workers in IT and business/clinical positions asked respondents to rate their level of concern about insider cybersecurity threats, with 1 being not at all concerned and 10 being extremely concerned. The mean score was 8.2.
Sung Choi, a researcher at Vanderbilt University's Owen Graduate School of Management, says over 2,100 patient deaths annually are related to data breaches at hospitals. The finding relied on data from CMS and HHS.