With the healthcare industry expected to spend $125 billion on cybersecurity from 2020 to 2025, dollars must be spent for maximum efficiency. The question is, how to allocate those funds most effectively at a time when cybercriminals have placed a huge target on hospitals, research labs, pharmaceuticals and insurance carriers.
Organizations need to take a layered approach to security to protect their organizations and sensitive patient data. The smartest approach is to start at the perimeter and work back toward existing enterprise protections – here’s how to do that.
A company that offers psychotherapy to thousands of patients across Finland says it’s been the victim of a data breach, with the personal information of customers held for ransom. Vastaamo, which sees patients in 20 cities including Helsinki, Joensuu, Jyväskylä, Pori, Turku and Tampere, says “an unknown hostile party” got in touch with them saying they had obtained customer details.
Companies need to tangibly improve employee well-being, particularly when it comes to their security professionals. Here are three measures security leaders can incorporate into their organization now, before employees hit a breaking point.
Amidst this flurry of high-profile attacks comes National Cyber Security Awareness Month; a poignant reminder that, for hospitals and healthcare providers, cyberattack prevention and business continuity is truly a matter of life and death. Over the course of the pandemic, we have seen ransomware and phishing attacks against healthcare institutions — viewed by cybercriminals as vulnerable and profitable targets — dramatically skyrocket. But where, in an ever-evolving threat landscape, should healthcare organizations focus their attention?
According to Intertrust's 2020 Security Report on Global mHealth Apps, 71% of healthcare and medical apps have at least one serious vulnerability that could lead to a breach of medical data. The report investigated 100 publicly available global mobile healthcare apps across a range of categories—including telehealth, medical device, health commerce, and COVID-tracking—to uncover the most critical mHealth app threats.
In fact, HIPAA penalties do distinguish degrees of “not knowing,” yet that doesn’t mean - like the traffic violation above - that a hefty fine still won’t land in your lap. Can your company deal with even a $50,000 (per violation) hit to the pocket book? Here’s the breakdown of potential penalties per OCR (Office of Civil Rights) discretion, as noted in the HIPAA Journal.
The 2020 Cybersecurity Perception Study finds most people still don’t view cybersecurity as a career field for themselves, even as nearly one-third (29%) of respondents say they are considering a career change.
The Duesseldorf University Clinic in Germany was hit by a ransomware attack last week that forced staffers to direct emergency patients elsewhere. The cyberattack “crippled the entire IT network of the hospital." As a result, a woman seeking emergency treatment for a life-threatening condition died after she had to be taken to another city for treatment, according to several outlets.
In Oregon, the Portland City Council passed legislation, which bans both city government agencies and private businesses from using facial recognition technology on the city’s grounds.