WannaCry

See the following -

Sidelined HHS Deputy Chief Information Security Officer blasts agency, claims cybersecurity center 'decimated'

Jessica Davis | Healthcare IT News | March 22, 2018

After being abruptly placed on admin leave, Leo Scanlon opens up about his 150-day leave, “dirty politics,” and what it means for the future of the HCCIC cybersecurity initiative...HHS’ HCCIC had overwhelming support from Congress and industry leaders when it launched as part of a partnership with the National Health Information Sharing and Analysis Center (NH-ISAC). It was designed to take a leadership role facilitating threat intelligence and other cybersecurity related information sharing and, in fact, played a pivotal role in fighting the global WannaCry attack in June of 2017.

Read More »

HHS cybersecurity center so unstable staff don't know if it exists, Congress argues

Jessica Davis | Health IT News | June 6, 2018

The Senate HELP and House Energy and Committees are highly concerned about the U.S. Department of Health and Human Services’ cybersecurity plan, preparedness and the lack of leadership of its Healthcare Cybersecurity and Communications Integration Center -- and is demanding answers from HHS Secretary Alex Azar. The bipartisan letter to Azar outlines a laundry list of issues at HHS when it comes to its security plan. Among them, includes the temporary reassignment of two senior HCCIC officials in charge of the day-to-day operations.

Read More »

HHS Emergency Update 2 - International Cyber Threat to Healthcare Organizations

Press Release | Assistant Secretary for Preparedness and Response | May 13, 2017

[The HHS Office of the Assistant Secretary for Preparedness and Response] held our sector call today with over 1800 participants. The information below is responsive to several requests for information noted on the call. In addition, we would like to flag for the community that a partner noted an exploitative social engineering activity whereby an individual called a hospital claiming to be from Microsoft and offering support if given access to their servers. It is likely that malicious actors will try and take advantage of the current situation in similar ways. Additionally, we received anecdotal notices of medical device ransomware infection. Please note the directions below.

Read More »

HIMSS19: Open Source Software for Disaster Preparedness and Response

Although not officially listed as a track at the HIMSS19 conference, there are a series of very important presentations on the use of open source software for disaster preparedness and response. This is a critical topic that we have covered extensively in Open Health News. As we detailed in this article, there was a major failure in being able to provide victims of Hurricane Harvey, as well as Hurricane Irma and Hurricane Maria with access to their medical records. Few emergency medical responders could access their records either. The two success stories that came out of the hurricanes were two open source electronic health record (EHR) systems, OpenEMR and the VA's open source VistA EHR.

Read More »

How Cyber Hardening Can Protect Patient Privacy And Treatment

The abundance of internet-connected devices that collect and share patient data has greatly increased the “attack surface” (where an attacker inserts or extracts data) and number of possible vulnerabilities within a system. Now that medical devices can connect to home-based routers, public Wi-Fi or cellular networks to relay data to hospitals, specialists, and care providers. In addition, the software in those devices lacks cybersecurity and can be updated and reprogrammed remotely. Thus, sensitive patient information is even more prone to data breaches, and the safety of the devices can be compromised. Recent supply chain compromises, and the migration of health applications and platforms to the cloud, also add to the threat equation. This article looks at why the medical community is so vulnerable and suggests how it can better protect life-saving equipment and sensitive data from unprecedented cyberattacks.

Read More »

Petya: The Poison Behind the Latest Ransomware Attack

Steven J. Vaughan-Nichols | ZD Net | June 28, 2017

First thing is first: If you're running Windows, patch your systems! The latest variant of Petya, GoldenEye, can attack if, and only if, one of your Windows PCs still hasn't been patched with Microsoft's March MS17-010. Microsoft thought patching this bug was important enough that it even patched it on its unsupported Windows XP operating system...

Read More »

Securing Health Data Means Going Well Beyond HIPAA

Jon R. Anderson | GovTech Works | August 17, 2017

A two-decade-old law designed to protect patients’ privacy may be preventing health care organizations from doing more to protect vulnerable health care data from theft or abuse. The Health Insurance Portability and Accountability Act (HIPAA) established strict rules for how health data can be stored and shared. But in making health care providers vigilant about privacy protection, HIPAA may inadvertently distract providers from focusing on something just as important: overall information security...

Read More »

Healthcare IT & Analytics Summit 2018

Event Details
Type: 
Conference
Date: 
June 21, 2018 (All day) - June 22, 2018 (All day)
Location: 
Baltimore, MD
United States

The Healthcare IT & Analytics Summit is a gathering for C-Suite & Industry Thought Leaders to discuss IT, Data & Analytics, and cybersecurity challenges currently facing the healthcare industry. We will examine such issues as patient care, controlling costs, improving reimbursements, securing patient and data privacy, and transforming data into actionable information to make smarter business and clinical decisions.

Read More »