News

A ransomware attack on the operator of non-profit clinics that serve the uninsured in St. Louis led to the breach of information on 152,000 patients, clinicians and employees.

Recent health data breaches involving phishing schemes are reminders of the persistent threat email-related scams pose to healthcare organizations - and the urgent need to mitigate that threat.

What should healthcare organizations know about complying with the breach notification and data security requirements of New York's SHIELD Act? And how does the new law compare with HIPAA? Jon Moore, chief risk officer at consulting firm Clearwater, explains.

Servers appear to be the Achilles heel of healthcare organizations’ data protection efforts. About 54 percent of all individuals affected by an information breach of a healthcare organizations were impacted by a breach involving that organization’s server, according to data on the breach portal of the Department of Health and Human Services’ Office for Civil Rights, culling security incidents from June 1, 2018, to May 31, 2019. A report this summer from Clearwater’s CyberIntelligence Institute says that, of the breaches in the previous 12 months, 90 healthcare breaches affecting more than 9 million individuals, were related to servers in some way.

Cyber risk management is not an “IT problem”; it is an enterprise risk management matter that can be harnessed ...

Reporting requirements of New York’s SHIELD Act go into effect on October 23; healthcare organizations that ...

Developed with industry leaders like Clearwater Compliance, Symantec, and others, new NIST guidance and a proposed ...

Efforts by the federal Office of Civil Rights to investigate data breaches at healthcare organizations are of great concern to security and compliance officers at healthcare organizations.

Jon Moore, Chief Risk Officer at Clearwater Compliance LLC, based in Nashville, Tennessee, said the survey essentially reflected what he sees in the industry.