Privacy & Security

It’s still taking many healthcare organizations far too long to discover a breach -- much longer than in other sectors.

Every hospital needs a plan for such events, experts at the Healthcare Security Forum say, but that’s just a start.

(SPONSORED) Caleb Barlow, vice president of threat intelligence at IBM Security, says sometimes a hospital's response (or lack thereof) to a data breach can be as damaging as the breach itself.

Medical records are valued at 20 to 50 times more than financial identities on the black market.

On 16th anniversary of 9/11 attacks, the former Homeland Security Secretary says the world is more perilous today.

Barry Herrin, principal at Herrin Health Law, says spending more money on security technology will only accomplish diminishing returns. Instead, hospitals should take a broader view of people and processes, implementing risk management frameworks such as NIST SP 800-53 and partnering with external threat groups such as InfoGuard and the FBI.

At the HIMSS Healthcare Security Forum, the chief information security officer of Penn Medicine describes the state of cybersecurity in 2017 – from the potential incidents that keep him awake at night to emerging signs of encouragement. He also explains why military veterans have the right skill sets for IT and security work.  

With security risks on all sides, healthcare providers must have a game plan. At the HIMSS Healthcare Security Forum, former U.S. Secretary of Homeland Security Tom Ridge lays out the top things they should be doing right now to gain visibility into the threats – and how they should be planning for the future – while explaining the lessons they can draw from the intelligence community.

Officials are still investigating the scope of the breach, but a preliminary investigation revealed hackers potentially accessed data from the Western region of the state.

Included in the ransacked databases was three years research data on leukemia patients.