May 10, 2013 Added by:Steve Ragan
Before malware could become a threat to medical devices, Adam Ely said attackers would have to write malware specifically targeted to these devices and organizations; or the devices would have to adopt a standard platforms and software.
February 01, 2013 Added by:Danny Lieberman
In our previous post on patient privacy, we noted that patient data loss is a lot like planes disappearing in the Bermuda Triangle – no one really knows where the planes disappeared to, since the people on the planes never return to tell the story...
January 31, 2013 Added by:Rafal Los
Before you tell me that risk classifications are important, water is wet, the sun is hot and ice is cold, I'd like to remind you how many enterprises still do it poorly. I almost wish it was a simple as data telling you it's critical or not, but let's face it the game is very rarely that simple...
January 28, 2013 Added by:Danny Lieberman
It is no accident that the largest healthcare organizations have the highest rate of patient-privacy breaches. The old saying – “the bigger they are, the harder they fall” is true, but more than that is happening when it comes to patient-privacy breaches in America as a whole...
January 22, 2013 Added by:Danny Lieberman
After the sanity check with the team that constructed the threat scenarios, you and your HIPAA consultant need to calculate your Value at Risk. Calculating VaR will help shed light on where to save money and where to spend money...
January 05, 2013 Added by:Danny Lieberman
Patient data loss is a lot like planes disappearing in the Bermuda Triangle – no one really knows where the planes disappeared to, since the people on the planes never came back to tell the story. The same way we talk about patient data loss and never really consider how you can “lose” patient data and whether it can be “returned”.
December 17, 2012 Added by:Randall Frietzsche
We need a well-conceived set of administrative and technical controls - our policy, while still acknowledging that every living creature on the planet is organically attached to a smart device, must dictate that the user will follow the policy at risk of termination...
November 08, 2012 Added by:Danny Lieberman
Many technology vendors tout the idea of self management, and the advantages of mobile healthcare apps, virtual visits, tablets and e-detailing but in fact, a face-to-face relationship with a doctor is more powerful than a digital relationship alone. We don’t need Sherry Turkle to tell us that...
October 16, 2012 Added by:Danny Lieberman
If pharmaceutical companies can access data from patients, then they can design and manufacture better products. This is good for patient health but problematic for current regulation of patient privacy. There is no such thing as patient privacy once big commercial ventures like large pharmas get involved...
October 10, 2012 Added by:Danny Lieberman
For small to mid-size hospitals, nursing homes, medical device, healthcare IT vendors will have a much simpler audit and will be primarily interested in how cheaply the audit can be done and how much they can save using the technique of multiple threat analysis...
October 08, 2012 Added by:Pierluigi Paganini
In the last decade the number of cyber incidents related to technologies that surround us is growth exponentially, the principal concerns are related to all those objects with an "intelligent component" that we daily use expose on internet for different purposes...
October 03, 2012 Added by:Danny Lieberman
In order to prevent breaches of patient privacy, we first need to establish baseline business requirements for the organization. There are 6 business requirements for preventing patient privacy breaches, these are “must items” for any healthcare business unit manager...
September 17, 2012 Added by:Danny Lieberman
Humans being are naturally curious, sometimes vindictive and always worried when it comes to the health condition of friends and family. Being human, they will bend rules to get information and in the course of bending rules, breach patient privacy...
August 29, 2012 Added by:Danny Lieberman
As social media becomes part of the continuum of interaction in the physical and virtual worlds, privacy becomes an issue of discretionary disclosure control. Online privacy and patient privacy will evolve into a market for products and services with stratified pricing, packaging and product positioning...
August 20, 2012 Added by:Danny Lieberman
EHR interconnected with HIE systems have a big threat surface, because of big, very complex software systems with a large number of attacker entry points. Healthcare system vulnerabilities are compounded since everyone is using the same technology from Microsoft and following the same HIPAA compliance checklists...
August 09, 2012 Added by:Danny Lieberman
Health information exchanges (HIE) enable the sharing of health records by physicians and other providers, enabling my family physician to see the results without getting up from her desk or without me shlepping paper or CD. Unfortunately, HIE are being modeled after the retail industry supply-chain model...
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013