Hacker Attacks in Healthcare: What’s Changed in 2016 So Far?

Hacks Are Still Common, But Fewer Patients Affected … Commenting on the apparent shift to smaller organizations being targeted for hacker attacks this year, Mark Dill, principal consultant at consultancy tw-Security, and former long-time CISO at the Cleveland Clinic notes: “Larger organizations – those most likely to have access to ‘mega’ amounts of data – […]

Read More

Transcribed Medical Records Exposed on the Web

Experts Offer Insights on How to Avoid Similar Security Blunders …”Due to changes and upgrades to systems, a system that is secure today could become vulnerable with the next change – thus the need to repeat the vulnerability scan periodically,” says Mark Dill, former longtime CISO at the Cleveland Clinic who is now a principal […]

Read More

Medicare’s New Physician Payment Plan: Impact on Security

Analyzing Proposal to End Part of HITECH Act’s EHR Incentive Program … Issues surrounding information blocking are often “subjective” and that could make enforcement by regulators difficult, says Tom Walsh, founder of security consulting firm, tw-Security. “Certain security controls may cause some unintentional consequences,” he notes. “For example, accidentally blocking a legitimate inbound or outbound […]

Read More

Anthem Breach: Lessons One Year Later

What Others Can Learn About Breach Prevention, Detection and Response … Organizations need to be far more aggressive in educating their workforce to recognize phishing schemes and implementing technical controls aimed at stopping phishing emails from penetrating their network perimeter, says Tom Walsh, founder of the security consulting firm tw-Security. “It only takes one phishing email […]

Read More

Hollywood Hospital Pays Ransom to Unlock Data

9 Steps to Take to Avoid Being the Next Extortion Victim To defend against ransomware attacks, it’s important to take a multi-pronged approach, says Mark Dill, principle consultant of consulting firm tw-Security and former long-time CISO at the Cleveland Clinic. “You can only attack this problem in a layered way – no one single fix […]

Read More

Hard Drives Lost, Affecting Nearly 1 Million

Incident Raises Issues About Encryption, Inventory Tracking The Centene incident shines a spotlight on the difficulties related to tracking IT inventory, says Tom Walsh, founder of security consulting firm tw-Security. “While the HIPAA Security Rule has an implementation specification of ‘accountability’ under the standard of ‘device and media controls,’ maintaining an accurate inventory and tracking […]

Read More

If EHR Incentive Program Ending, What’s Next?

Sizing Up Impact a New Regulatory Approach Will Have on Privacy, Security Unfortunately, some smaller provider organizations’ interest in conducting a risk assessment has been fueled only by qualifying for meaningful use incentive dollars, says Tom Walsh, founder of consulting firm tw-Security. “We see smaller providers that struggle every day just to keep their doors […]

Read More

Email Breaches Lead to ‘Wall of Shame’

Recent Health Data Incidents Spotlight Common Security Challenges “Phishing is definitely a top problem that doesn’t always get the attention it deserves,” says Mark Dill, who joined consulting firm tw-Security earlier this month from the Cleveland Clinic, where he served as director of information security for 15 years. For instance, the Verizon Data Breach Investigation […]

Read More