Editor's Note A November 13 report from The Government Accountability Office (GAO) identifies critical gaps in the Department of Health and Human Services' (HHS) ability to manage cybersecurity risks in the healthcare and public health sector. HHS, the lead federal agency for cybersecurity in this sector, faces challenges in monitoring…

Read More

Editor's Note Cybersecurity threats in healthcare are increasingly driven by third-party vendors, affecting millions of patients and hospital systems globally, experts John Riggi and Richard Staynings emphasized at the HIMSS Healthcare Cybersecurity Forum. Healthcare Finance News reported on the experts’ testimony November 5. According to the article, cyberattacks have surged…

Read More

Editor's Note Iranian cyber actors employing techniques such as brute force, password spraying, and multifactor authentication (MFA) "push bombing" to compromise healthcare and other critical infrastructure sectors, the American Hospital Association (AHA) reported October 17. The report cites an October 16 joint advisory issued on October 16 by the FBI,…

Read More

Editor's Note The US Department of Health and Human Services (HHS) has withdrawn its appeal against a federal court decision that blocked a rule restricting hospitals from using tracking technology on their websites, HealthLeaders August 30 reports. This rule, proposed in December 2022 by the HHS Office for Civil Rights,…

Read More

Editor's Note A dispute over cameras in ORs reportedly added tension to nurse strike negotiations that recently culminated in a tentative agreement with union nurses at Brigham and Women's Hospital in Boston. According to an August 7 CBS News report, the OR cameras are intended to assist with robotic surgeries.…

Read More

One privilege of living at this time in history is the availability of choice, especially for health and surgical needs. Those who make healthcare their business understand this as well. According to Tanna et al, ambulatory surgery centers (ASCs) are spreading to rural areas, hospitals are creating hybrid outpatient surgery…

Read More

Editor's Note North Korean hackers targeted U.S. hospitals and healthcare systems with ransomware to fund a covert information exfiltration campaign against American military and scientific entities, according to a July 25 report from CBS News. The first attack was a May 2021 ransomware infiltration of a hospital in Kansas. The…

Read More

Editor's Note Although SecurityScorecard gave the US healthcare a “better than expected” B+ rating for cybersecurity in 2024, the supply chain cybersecurity firm also highlighted significant risks in application and endpoint security, HealthcareIT News reported June 25.   Overall, 35% of third-party data breaches in 2023 affected healthcare organizations, the…

Read More

Editor's Note A June 24 advisory from the FBI and Department of Health and Human Services warns healthcare organizations about attempts to steal payments through phishing and social engineering tactics, according to a post from the American Hospital Association (AHA). The attackers target employee email accounts to access login information…

Read More

Editor's Note Qilin, a ransomware group based in Russia, claimed responsibility for a cyberattack against pathology services provider Synnovis that paralyzed London Hospitals and is now requesting $50 million, Becker’s Health IT reported June 20. Citing a report from Bloomberg, the article notes that the attack disrupted services at London-based hospitals…

Read More