Cybersecurity task force addresses medical device safety

In an effort to harmonize the work being done in hospitals and by device manufacturers to address medical device vulnerabilities, Vizient has formed the Medical Device Cybersecurity Task Force. The mission of the task force is to provide leadership and facilitate collaboration to minimize the risk and cost of medical device cybersecurity by fostering standard […]

Mobile devices boost digital transformation in healthcare, but security issues remain

Many industries are grappling with how to digitize their services, and healthcare is no different. Hospitals have turned to electronic medical records (EMR) and electronic health records (EHR) in recent years to streamline communication between doctors and improve the patient experience. Google and Windows have offered their services to hospitals, and Apple recently added a health […]

Critical remote code execution vulnerabilities impact Natus medical devices

A set of critical vulnerabilities have been uncovered in Natus NeuroWorks software which may place medical devices connecting to the software at risk. Earlier this week, researchers from Cisco Talos said in a blog post that the vulnerabilities could not only cause services to crash but may also allow attackers to remotely execute code on medical devices. […]

Most healthcare pros believe their organizations adequately protect patient data

Most of the healthcare professionals polled remain confident regarding their own organization’s cyber security protocols despite apprehensions connected with their own healthcare information and general healthcare infrastructure, according to a Venafi survey querying 122 healthcare professionals at the HIMSS18 conference in Las Vegas. In fact, seventy-nine percent said they are concerned about the cyber security […]

Fixing Hacks Has Deadly Impact on Hospitals

Breaches of private information in hospital records are serious and expensive security events but remediating them can be deadly. That’s the conclusion of a study presented last week at the 4A Security and Compliance Conference. The data shows that the type and scale of a breach don’t have an impact on patient outcomes but that breaches […]

IoT security warning: Cyber-attacks on medical devices could put patients at risk

Poor cybersecurity in Internet of Things (IoT) medical devices potentially poses risks to both the wellbeing of patients as well as to the infrastructure that keeps hospitals running. The Royal Academy of Engineering worked alongside the Petras Internet of Things research hub to produce a report on IoT, cyber-safety, and reliance — and the message is that […]

Medical Apps Come Packaged with Hardcoded Credentials

Two popular applications for medical records management contain hidden user accounts with hard-coded credentials that could be abused by hackers, a researcher has found. Rapid7 today published a report on the newly discovered security vulnerabilities (CVE-2018-5551 and CVE-2018-5552) in DocuTrac’s electronic medical record (EMR) software QuicDoc and Office Therapy billing software. DocuTrac software runs at […]

Exploring the Wide-Ranging IoT Risks in Healthcare

In today’s world, the Internet of Things (IoT) is ubiquitous and holds great potential, but also brings security concerns. While IoT devices are being used across industries, the healthcare industry’s experiences with insecure devices provide valuable lessons to heed. Many devices used in healthcare — including microscopes, refrigerators storing chemicals, pharmacy-compounding equipment, infusion pumps and […]

5 biggest healthcare security threats for 2018

Consumers are more worried now about their protected health information (PHI) being compromised, thanks to high-profile breaches like Anthem and Allscripts. The recent RSA Data Privacy Report surveyed 7,500 consumers in Europe and the US. It showed that 59 percent of the respondents were concerned about their medical data being compromised. Thirty-nine percent were worried that a hacker would tamper […]

Survey: 18 percent of healthcare employees willing to sell patient data

Nearly one in five employees in the healthcare field said they’re willing to sell confidential data like login credentials to unauthorized parties, a new survey from Accenture claims. Nearly one quarter of the survey’s respondents said they know someone in their organization who has sold their credentials or access to an unauthorized outsider. The study also found some employees […]