For healthcare leaders trying to read the regulatory tea leaves, the honest answer in spring 2026 is this: the rules are not final, but the expectations haven't gone away. There's a particular kind of frustration that healthcare IT and compliance officers know well:...
Understanding CMS’s Health Technology Ecosystem Initiative: Legal, Policy, and Interoperability Risk
AHLA’s Speaking of Health Law | Sponsored by Clearwater The CMS Health Technology Ecosystem Initiative signals a broader shift in how health data is expected to move across providers, payers, networks, and consumer-facing tools. In this episode of AHLA Speaking of...
SQL Injection in OpenEMR Identified and Recommendations
This post documents a blind time-based SQL injection in the PostCalendar module discovered in OpenEMR 8.0.0. The SQL injection is exploitable by an authenticated admin user and illustrates how a single determined attacker with a valid session can move from nuisance to...
Mythos and Like AI Tools Raise Stakes for Healthcare Cyber
Experts Warn of Faster and Higher Volume Attacks, Rising Patient Safety Worries
Identity Under Pressure: Why Access Management Is Now a Patient Safety Issue in Healthcare
For years, healthcare cyber risk was framed around the perimeter. Firewalls. Endpoints. Network defenses. The digital equivalent of locked doors and reinforced windows. That model no longer reflects how healthcare operates. Care now runs across cloud platforms, EHRs,...
CMMC and Health Care Organizations: Applicability, Risk, and Readiness
AHLA’s Speaking of Health Law | Sponsored by Clearwater The Cybersecurity Maturity Model Certification (CMMC) is gaining attention. Although CMMC originated within the Department of Defense, its reach is expanding into the health care ecosystem, often in ways that...
CMMC in Healthcare: What Cybersecurity Leaders Need to Know | Podcast
AHLA’s Speaking of Health Law | Sponsored by Clearwater Cyber risk in healthcare is no longer defined solely by HIPAA. As organizations become more connected to federal agencies, research partners, and complex vendor ecosystems, new requirements are entering the...
Resilience Is Built, Not Bought: Cybersecurity Lessons From a Rural Hospital
Rural hospitals are not trying to do something unique with cybersecurity. They are trying to keep care available in their communities.
Wearing Two Hats and Choosing Resilience
How Enloe Health Built a More Sustainable Security Program Cyber risk in healthcare is rarely just a technical challenge. It is a leadership challenge, a staffing challenge, and often a sustainability challenge. In this replay, Tom Osteen, CIO and CISO at Enloe...
Cloud-Based EHR Vendor Notifies SEC About Hacking Incident
CareCloud: Intruder Accessed Systems for 8 Hours, Still Assessing Extent of Breach