January 31, 2020
While there are no shortage of technical approaches for hackers targeting a healthcare organization, the fact of the matter is that many attacks start with doctors, administrative workers and the other employees who might not have cybersecurity on the mind.
This approach, often referred to under the umbrella term of “social engineering,” is at the core of phishing, pretexting, baiting and several...
January 2, 2020
Healthcare is full of tensions. For security professionals at innovative health systems, one tension that can be hard to navigate is the pull between innovation and caution, a topic several experts discussed last month at the Healthcare Security Forum in Boston.
“The job of the CISO is to say no, to look at risk,” John Halamka, president of the Mayo Clinic Platform, said at the event. “I had a...
December 10, 2019
With the Internet of Things and connected medical devices, poor cybersecurity poses risks to both patient safety and the infrastructure that keeps hospitals running. It’s an ongoing challenge for healthcare security professionals.
What makes it such a challenge is that the hospital environment is a very different beast than it once was. Clinical delivery has moved from a palliative care model to...
October 31, 2018
October 25, 2018
Focus on Cybersecurity
In October, we take a deep dive into security strategy and pressing threats.
October 24, 2018
October 23, 2018
What with so many apps, connected medical devices and messaging systems the world of healthcare is going more mobile — no longer is every system under the umbrella of a hospital IT specialist. But that pivot toward digital health brings up questions for innovators and IT specialists about how to track and monitor security when building and implementing new products.
That’s where a security...
Intermountain CISO Karl West speaks on a panel at the HIMSS Healthcare Security Forum. (Photo by Donis Perkins).
October 22, 2018
As healthcare shifts towards consumerization, a related shift is happening in healthcare information security. The change is from a perimeter model to an identity model and from an emphasis on compliance to one on maturity, Karl West, chief information security officer at Intermountain Healthcare, said in a talk last week at the HIMSS Privacy and Security Forum.
“At Intermountain, 80 percent of...
October 19, 2018
Health systems, startups, and other stakeholders are banding together to create a series of standardized frameworks for innovators, starting with a standardized security assessment for business associate agreements.
The all-volunteer group, currently called the Digital Health Collaborative (the group plans to adopt an official name next year), was conceived at and first met at the HIMSS18 Global...
October 18, 2018
Xcertia, a standards and guidelines body for mobile apps, today announced the draft release of its updated Privacy and Security Guidelines, a document consisting of practical and descriptive advice for health app designers.
The group has opened the draft up for comment from stakeholders and industry members for the next 45 days, Chuck Parker, managing director at Xcertia, said here at the...