Privacy & Security

Don’t be a 2-factor 'phushover'
By Seth Fogie | 03:43 pm | April 15, 2022
When employees say yes to unsolicited push notifications, they effectively allow a malicious actor to bypass the controls offered by two-factor authentication – and open a new vulnerability for phishing attacks, or "phushing."
Healthcare worker using computer
Patients increasingly suing hospitals over data breaches
By Jeff Lagasse | 11:03 am | April 15, 2022
Top Stories April 15, 2022
COVID-19 public health emergency end looms; EHR outage hits federal agencies
By HIMSS TV | 10:00 am | April 15, 2022
This week's top stories include providers looking for an extension of the pandemic public health emergency that created waivers and flexibilities, and Oracle databases powering Cerner systems at DOD, Coast Guard and VA sites went offline for hours.
Doctor at computer
Hit with a cyberattack? Here's how to keep the feds informed
By Kat Jercich | 02:56 pm | April 14, 2022
The Cybersecurity and Infrastructure Security Agency released information detailing who should report incidents and what should be included.
FDA sign
FDA releases medical device cybersecurity draft guidance
By Kat Jercich | 04:32 pm | April 12, 2022
The agency is seeking stakeholder feedback on the guidance, which seeks to clearly outline its recommendations for premarket submission content when it comes to cybersecurity concerns. 
Imprivata acquires SecureLink
By Mike Miliard | 11:36 am | April 12, 2022
The addition of its technology will help secure third-party digital identities – "critical, but often overlooked and vulnerable points of access."
Hands on a keyboard
HHS cyber arm warns of teen criminals
By Kat Jercich | 03:56 pm | April 11, 2022
"They have already compromised healthcare organizations and have no reason to stop," said the Health Sector Cybersecurity Coordination Center about the group known as Lapsus$.
Cerner campus
EHR outage takes down federal Cerner systems
By Kat Jercich | 12:19 pm | April 11, 2022
Clinicians at dozens of Defense Department, Coast Guard and Veterans Affairs sites were unable to update medical records for hours this past Wednesday.
EU, cybersecurity
Are European healthcare systems ready for the cyber threat?
06:39 am | April 11, 2022
Experts say preparedness is stymied by funding gaps and complexity, according to Brussels-based Frieda Klotz.
Hands on a keyboard
HIX failed to report dozens of breaches, audit finds
By Kat Jercich | 03:40 pm | April 07, 2022
The State of Connecticut Auditors of Public Accounts found that the Connecticut Health Insurance Exchange experienced 44 breaches between July 2017 and March 2021.