Editor's Note "Why is healthcare cybersecurity so bad?" This is the central question explored in a December 4 video from STAT health tech reporter Brittany Trang, who also wrote an article on the subject earlier this year. Brought into sharp focus by data exposures related to the recent attack on…
Editor's Note A November 13 report from The Government Accountability Office (GAO) identifies critical gaps in the Department of Health and Human Services' (HHS) ability to manage cybersecurity risks in the healthcare and public health sector. HHS, the lead federal agency for cybersecurity in this sector, faces challenges in monitoring…
Editor's Note Cybersecurity threats in healthcare are increasingly driven by third-party vendors, affecting millions of patients and hospital systems globally, experts John Riggi and Richard Staynings emphasized at the HIMSS Healthcare Cybersecurity Forum. Healthcare Finance News reported on the experts’ testimony November 5. According to the article, cyberattacks have surged…
Editor's Note Iranian cyber actors employing techniques such as brute force, password spraying, and multifactor authentication (MFA) "push bombing" to compromise healthcare and other critical infrastructure sectors, the American Hospital Association (AHA) reported October 17. The report cites an October 16 joint advisory issued on October 16 by the FBI,…
Editor's Note The US Department of Health and Human Services (HHS) has withdrawn its appeal against a federal court decision that blocked a rule restricting hospitals from using tracking technology on their websites, HealthLeaders August 30 reports. This rule, proposed in December 2022 by the HHS Office for Civil Rights,…
Editor's Note A dispute over cameras in ORs reportedly added tension to nurse strike negotiations that recently culminated in a tentative agreement with union nurses at Brigham and Women's Hospital in Boston. According to an August 7 CBS News report, the OR cameras are intended to assist with robotic surgeries.…
One privilege of living at this time in history is the availability of choice, especially for health and surgical needs. Those who make healthcare their business understand this as well. According to Tanna et al, ambulatory surgery centers (ASCs) are spreading to rural areas, hospitals are creating hybrid outpatient surgery…
Editor's Note North Korean hackers targeted U.S. hospitals and healthcare systems with ransomware to fund a covert information exfiltration campaign against American military and scientific entities, according to a July 25 report from CBS News. The first attack was a May 2021 ransomware infiltration of a hospital in Kansas. The…
Editor's Note Although SecurityScorecard gave the US healthcare a “better than expected” B+ rating for cybersecurity in 2024, the supply chain cybersecurity firm also highlighted significant risks in application and endpoint security, HealthcareIT News reported June 25. Overall, 35% of third-party data breaches in 2023 affected healthcare organizations, the…
Editor's Note A June 24 advisory from the FBI and Department of Health and Human Services warns healthcare organizations about attempts to steal payments through phishing and social engineering tactics, according to a post from the American Hospital Association (AHA). The attackers target employee email accounts to access login information…