Hackers have captured the attention of the healthcare security community, according to a new survey report, but the industry's data guardians feel hampered by a lack of manpower and money. A significant minority still report their systems are not encrypting patient data.
The Health Insurance Portability and Accountability Act—the law the federal government uses to police the privacy and security of the nation's health information—is turning 20, and some people may wonder if it's up to the job in 2016 and beyond.
An Arizona physician is the lead plaintiff in a class-action lawsuit alleging Banner Health is offering inadequate protection to victims of a massive data breach disclosed last week.
Last week's tweet of medical records hacked from an Ohio medical group is raising questions about social media's role in protecting patients' privacy. The post remained on Twitter for at least 16 hours.
Cybersecurity experts advise that the two types of data should be stored in computer systems separated by a firewall to avoid leaving both vulnerable if one is hacked. At Banner Health, both systems were penetrated.
Advocate Health Care and NorthShore University HealthSystem say the Federal Trade Commission has no economic or factual basis to continue challenging a proposed merger between the two systems.
A breach at Banner Health has left cybersecurity experts wondering if the healthcare industry, which in the past few years has been hit mercilessly with cyberattacks and ransomware threats, now has another weak spot—the point-of-sale system.
A hacker or group of hackers with possible links to a right-wing Ukrainian political faction posted to Twitter and to a Google cloud-based storage area more than a half-million documents, including patient information, from an Ohio healthcare provider.
Banner Health is contacting 3.7 million individuals whose personal information may have been accessed in a cyberattack that began on systems that process credit card payments for food and beverage purchases. The breach then expanded to include patient and health plan information.
HHS will fund an organization for cybersecurity professionals to exchange information about threats to the healthcare industry's IT systems. The goal is to allow providers, public health agencies and HHS to share information “about cyberthreats and provide outreach and education."
The University of Mississippi Medical Center paid a $2.75 million penalty to HHS as part of an agreement to resolve security problems found after the 2013 disappearance of a laptop computer with health information for as many as 10,000 people.
Providence Health & Services in Oregon is notifying about 5,400 current and former patients that a former employee may have improperly accessed their patient records.