Office of Civil Rights
See the following -
A Ransomware Epidemic And An Overdue National Health IT Safety Center
A rapid increase in computerization of health care organizations (HCOs) around the world has raised their profile as lucrative targets for cyber-criminals. Recently there has been a spate of high-profile ransomware attacks involving hospitals’ electronic health record (EHR) data.Briefly, ransomware attacks commonly start when a user is conned into clicking an internet link or opening a malicious email attachment. Malware, or software that is intended to damage or disable the computer, is then downloaded and rapidly encrypts data on that computer and attempts to reach out to other computers on the same network to encrypt data on those computers as well; consequently, all encrypted data is inaccessible...
- Login to post comments
Health IT Task Force Synthesizes Open API Themes
Health IT integration will reach a significant threshold when, as specified under 2015 Edition criteria, electronic health records systems and related tools must provide consumer-facing access to the Common Clinical Data Set via an application programming interface (API). Hard at work deciphering how consumers could leverage API technology to access patient data is the Joint API Privacy and Security Task Force...
- Login to post comments
On the Lack of Cyber Security of Medical Devices
Two weeks ago the U.S. Food and Drug Administration advised hospitals not to use Hospira's Symbiq infusion system, concluding that a security vulnerability enables hackers to take remote control of the system. The agency issued the advisory some 10 days after the U.S. Department of Homeland Security warned of the vulnerability in the pump. My view is that this will be the first of many advisories. For years, manufacturers of medical devices depended on the “kindness of strangers” assuming that devices would never be targeted by bad actors. EKG machines, IV pumps, and radiology workstations are all computers, often running un-patched old operating systems, ancient Java virtual machines, and old web servers that no one should currently have deployed in production.
- Login to post comments
ONC Playbook Breaks Down Health IT, EHR Tasks and Buzzwords
The healthcare industry seems to be largely driven by buzzwords: quick and snappy phrases that reduce complex, difficult, expensive and often confusing initiatives into keywords that may not mean much to the uninitiated. From big data and population health management to electronic health records and value-based care, these short and sweet terms have come to define the new direction of one of the nation’s largest sectors...
- Login to post comments
Patient Health Information Precariously Safeguarded, According to Privacy Analytics
According to a new infographic compiled by Ottawa data privacy company Privacy Analytics, costs associated with a data breach, including notification, legal fines, legal fees, forensics, PR, etc., amounts to approximately $208 per person. While data breaches across the board are damaging, from major corporate leaks like Target to member-based services like Ashley Madison, it’s the leaking of personal health information (PHI) that is most sensitive and which Privacy Analytics specializes in...
- Login to post comments
Precision Medicine Initiative Needs Help with Data Sharing Barriers
The White House is looking for input from the healthcare industry to identify new information technology activities that can help make President Obama’s $215 million Precision Medicine Initiative a reality.
- Login to post comments