Syracuse ASC, dba Specialty Surgery Center of Central New York, has started notifying 24,891 patients that some of their protected health information (PHI) was potentially accessed by unauthorized individuals who gained access to its computer systems. The breach was identified by Syracuse ASC around March 31, 2021, and steps were immediately taken to secure its… Read More »
The theme of the fourth week of Cybersecurity Awareness Month is “Cybersecurity First”, with the focus on getting the message across to businesses about the need for cybersecurity measures to address vulnerabilities in products, processes, and people. Cybersecurity Advice for Companies One study suggests 64% of companies worldwide have experienced some form of cyberattack and… Read More »
A recent study conducted by the Ponemon Institute on behalf of cybersecurity firm SecureLink has explored the state of third-party security and critical access management at healthcare organizations. As with other industry sectors, remote access to internal systems is provided to third parties to allow them to perform essential business functions. Whenever a third party… Read More »
Secure, HIPAA-compliant messaging platforms have clear, measurable benefits for healthcare delivery organizations and help to solve communication problems in hospitals. Efficient communication in healthcare is vital but all too often valuable time is wasted trying to communicate important information to busy healthcare professionals due to the continued use of outdated communication methods such as landlines,… Read More »
When a federal agency provides healthcare services, there may be circumstances in which employees need to undergo both HIPAA and Privacy Act training. In addition, as an increasing number of states enact their own privacy laws, there may also be occasions when employees of state agencies require HIPAA and Privacy Act training. The Privacy Act… Read More »
The regulations relating to HIPAA training for employees are deliberately flexible because of the different functions Covered Entities perform, the different roles of employees, and the different level of access each employee has to Protected Health Information (PHI). The degree of flexibility can create misunderstandings about which employees require training, what training should be provided,… Read More »
A recent survey conducted on Chief Information Security Officer (CISO) members of the College of Healthcare Information Management Executives (CHIME) and Association for Executives in Healthcare Information Security (AEHIS) has highlighted the impact cybersecurity incidents have had on the healthcare industry and the need for federal assistance to deal with the threats. The healthcare industry… Read More »
B. Braun has released software updates to fix five vulnerabilities in its Infusomat Space and Perfusor Space Infusion Pumps. The vulnerabilities could be exploited remotely in a low complexity attack. In North America, the flaws affect Battery pack SP with WiFi (All software Versions 028U000061 and earlier) that have been installed in an Infusomat Space… Read More »
The hacker who gained access to the databases of University of Pittsburgh Medical Center (UPMC) and stole the personally identifiable information (PII) and W-2 information of approximately 65,000 UPMC employees has been handed the maximum sentence for the offenses and will serve 7 years in jail. Sean Johnson, of Detroit, Michigan – aka TheDearthStar and… Read More »
There was a 23.7% month-over-month increase in reported healthcare data breaches in September, which saw 47 data breaches of 500 or more records reported to the Department of Health and Human Services’ Office for Civil Rights. While that is more than 1.5 breaches a day, it is under the average of 55.5 breaches per month… Read More »