Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Ascension reverts to pen-and-paper operations after ransomware attack
Most of Ascension's retail pharmacies nationwide are unable to fill prescriptions or accept payments. During the outage, patients are being given pen-on-paper scripts.
Key trends in enterprise imaging
Radiology is going though a period of disruption with a growing radiologist shortage, decreasing reimbursements and increasing numbers of exams, making workflow efficiency a critical concern.
Ascension confirms ransomware caused service shutdowns, ambulance diversions
Emergency services are back up and running, but many patients will need to reschedule tests and treatments while systems at Ascension remain partially offline.
Six hospital groups urge UnitedHealth to take responsibility for Change Healthcare hack notifications
In a public letter, the groups are urging UnitedHealth Group to announce a timeline for notifying patients about what personal data was stolen in the breach of Change Healthcare's systems.
Ascension experiences disruption of operations after 'cybersecurity event'
A third-party security firm has been brought in to assess what systems were accessed and what data, if any, was taken.

Patient information exposed on Twitter during Gwinnett Medical Center breach

The FBI is currently investigating a reported data breach at the Gwinnett Medical Center in Lawrenceville, Georgia, according to a report by The Atlanta Journal-Constitution.

October 3, 2018

Cybersecurity threats named top health technology hazard for 2019

Cybersecurity and hacking threats were named the top technology hazard healthcare organizations are expected to face in 2019.

October 2, 2018

Aspire Health email system hacked, loses some protected health information

Nashville healthcare company Aspire Health is still trying to identify a hacker that attacked its email system and took some patient health information, according to a report by The Tennessean.

September 28, 2018

Healthcare providers, health plans accounted for most breaches, patient records exposed

Between 2010 and 2017, healthcare providers and health plans accounted for the most breaches and largest number of patient records compromised from breaches, according to a research letter published in JAMA.

September 26, 2018

UMass Memorial entities ordered to pay $230K fine for data breaches

The Massachusetts Office of the Attorney General announced on Thursday, Sept. 20, that UMass Memorial Medical Group, Inc. and UMass Memorial Medical Center, Inc. have been ordered to pay $230,000 following two separate data breaches that exposed the personal health information of more than 15,000 people.

September 25, 2018

Boston hospitals fined nearly $1M for potential HIPAA violations

The federal government has fined three Boston hospitals nearly $1 million for potential HIPAA violations regarding a documentary series.

September 21, 2018

Pennsylvania health insurance company warns of security breach

A Pennsylvania health insurance company issued a notice following a security incident that exposed the private health information of some members.

September 20, 2018

ER worker allegedly stole, sold patient records through encrypted phone app

A Brooklyn hospital emergency room worker is being accused of stealing private patient records and selling them through an encrypted phone application, according to a report by the New York Daily News.

September 17, 2018

Cybersecurity

Ascension reverts to pen-and-paper operations after ransomware attack

Key trends in enterprise imaging

Ascension confirms ransomware caused service shutdowns, ambulance diversions

Six hospital groups urge UnitedHealth to take responsibility for Change Healthcare hack notifications

Ascension experiences disruption of operations after 'cybersecurity event'