protected health information

See the following -

HHS Makes Changes to 'Wall of Shame' Breach Reporting Site

Marianne Kolbasuk McGee | Gov Info Security | July 25, 2017

The Department of Health and Human Services has made changes to its website, widely referred to as the "wall of shame," that lists reports of major health data breaches affecting 500 or more individuals. The changes come after complaints from some members of Congress and others that the website unfairly exposes breached organizations to endless public scrutiny because incidents are indefinitely listed on the site...

Read More »

Joint Study between VA and UL shows UL Cybersecurity Standard provides robust risk management for connected medical devices

Press Release | UL | October 16, 2019

The U.S. Department of Veteran Affairs (VA) and UL, a global safety science organization, today announced the completion of a two-year Cooperative Research and Development Agreement (CRADA) Program for medical device cybersecurity. As medical devices are susceptible to cybersecurity attacks, creating both patient safety risks and disclosure risks for protected health information, the VA and UL sought to address an existing gap in the marketplace for cybersecurity standards and practical certification approaches for connected medical devices. With the Internet of Medical Things (IoMT) revolutionizing patient care, increasing efficiency and improving healthcare quality, the VA aimed to find solutions for securing large-scale IoMT device deployments supporting mission-critical care delivery for roughly nine million patients under its care. Read More »

Medical Devices Reportedly Infected in Ransomware Attack

Elizabeth Snell | Health IT Security | May 16, 2017

The recent WannaCry ransomware attack that infiltrated more than 150 countries and forced some European healthcare organizations to suspend certain services reportedly infected certain medical devices as well. HITRUST explained in an email update that its investigations found that MedRad (Bayer), Siemens, and other unnamed medical devices were infected. Furthermore, Indicators of Compromise (IOCs) “were identified within the HITRUST Enhanced IOC program well in advance of last Friday’s attacks,” the organization stated...

Read More »