It is safe to assume that most hospitals still struggle to find ways to address their medical device cybersecurity risks. The primary challenge is not technical, it’s the organizational inertia that keeps getting in the way. At the same time, the pace of these risks increases as hackers find new ways to exploit the litany of vulnerabilities, so the risk-control gap continues to grow.
Read Clyde Hewitt's full article here.
David Finn discusses the risks faced by interconnected organizations in the healthcare sector and how the number of people affected by the April ransomware attack on Magellan Health continues to grow.
David Holtzman discusses the preliminary settlement of a class action data breach lawsuit against Iowa Health System (a.k.a UnityPoint Health).
Why are some breach notifications delayed for months? David Bailey discusses the statement made by Choice Health Management Services which issued a step-by-step explanation on breach notifications.
In this recent Business Insider article, they discuss the future of medical appointments being remote and how hospitals are making the transition and dodging new cyber threats.
David Finn discusses two recent health data breaches that illustrate persistent security challenges – defending against ransomware attacks as well as unauthorized access to email.
What will happen after July 25th? The Federal government's recent policy changes for facilitating patient care during COVID-19 may have an impact on telehealth restrictions in the future.
In the latest article by Healthcareinfosecurity.com David Holtzman discusses the major health data breaches that have been added to the federal tally in recent weeks.
Cyberwire’s latest podcast features Caleb Barlow as he discusses the challenges of securing medical records.
Cyberwire’s latest podcast features Caleb Barlow as he discusses his responsibilities during an incident from the SOC operator to the CEO.
In the latest article by Healthcareinfosecurity.com David Holtzman discusses the class action lawsuit filed against accounting firm BST & Co. CPAs LLC that allegedly exposed patient information.
Cyberwire’s latest podcast features Caleb Barlow as he discusses how hospital CISOs are dealing with the COVID-19 situation.
A software error that briefly allowed individuals to access other patients' telehealth appointment recordings serves as a reminder of potential security.
UCSF released a report that shows that academic healthcare systems and healthcare sector entities both have been favorite targets of hackers during the COVID-19 pandemic.
Healthcare providers, insurers, and business associates reported 16 data breaches to the federal government in May, the lowest number of data breaches reported in a single month in more than 4 years.
![Marti Arvin, Adam Greene and Joan Podleski on COVID-19 Disclosure Issues [Podcast]](https://content.cdntwrk.com/mediaproxy?url=https%3A%2F%2Fcontent.cdntwrk.com%2Ffiles%2FaHViPTcyNjQ5JmNtZD1pdGVtZWRpdG9yaW1hZ2UmZmlsZW5hbWU9aXRlbWVkaXRvcmltYWdlXzVlZDkyYTU4ZDNhMjIucG5nJnZlcnNpb249MDAwMCZzaWc9NWI2OTBlZTMyZWM2NzFjMDY1NWYzNDFkMzAxMGZmYTg%25253D&size=1&version=1592239422&sig=6fffacaf1d089d68486490054e91d188&default=hubs%2Ftilebg-blogs.jpg)
Marti Arvin joins The Compliance and Ethics Blog podcast with guests as they discuss questions around the coronavirus pandemic about what is and isn’t permissible.
David Holtzman, Executive Advisor at CTEK discusses with Healthcare Info Security on the potential risks posed by employees inappropriately using personal devices during COVID-19.
David Holtzman, Executive Advisor at CynergisTek, contributes this article, which focuses on the HHS’s new strategic plan for its oversight of HHS COVID-19.
Cyberwire’s latest podcast features Caleb Barlow as he discusses if GDPR may have unintended consequences for stopping COVID-19 scammers.
Cyberwire’s latest podcast features Caleb Barlow as he discusses Alan Brunacini’s concept of an Incident Action Plan.
David Holtzman Executive Advisor at CynergisTek contributes this article, which focuses on how healthcare providers deal with the security of their vendors, as well as HIPAA requirements/suggestions.
