top of page

Forum Posts

Jeff
Jan 17, 2023
In Healthcare
A study just published in the Journal of the American Medical Association found that the number of ransomware attacks against hospitals and other medical institutions more than doubled from 2016 to 2021 — from 43 to 91 nationally, and that figure is likely under-reported. The study results suggest that ransomware attacks on healthcare delivery organizations are increasing in frequency and sophistication; disruptions to care during ransomware attacks may threaten patient safety and outcomes. Read the full article HERE.
Trends in Ransomware Attacks on US Hospitals, Clinics, and Other Health Care Delivery Organizations, 2016-2021 content media
0
0
11
Jeff
Dec 07, 2022
In Healthcare
Houston-based St. Luke's Health is notifying patients about a third-party data breach at consulting services vendor Adelanto Healthcare Ventures that resulted in the protected health information of 16,906 patients to be compromised. On Sept. 1, the vendor notified St. Luke's that two of its employee email accounts were compromised by an unknown party on Nov. 5, 2021, according to an Oct. 28 breach notification from the health system. The email accounts contained patient information such as names, addresses, dates of birth, Social Security numbers, dates of service, medical record numbers, Medicaid numbers, and limited information about treatment and diagnosis. Adelanto Healthcare Ventures said it has found no indication that the information has been misused, but St. Luke's said it will conduct an additional investigation into the incident. The health system is working to notify affected patients and in some cases will offer free credit monitoring. This event does not impact St. Luke's parent company, Chicago-based CommonSpirit Health, nor is it related to the ongoing ransomware attack affecting CommonSpirit and its affiliates, according to the breach notification.
0
0
6
Jeff
Dec 07, 2022
In Healthcare
Seattle Children's is alerting patients about a ransomware attack at a mail service vendor that has compromised the protected health information of 6,750 patients. In June, the mail service vendor, Kaye-Smith, learned that an unauthorized individual had gained access to information in its systems. The breach resulted in unauthorized access to patient information from Seattle Children's, according to a Sept. 22 breach notification shared with Becker's. The information compromised included names, addresses, provider names, medical record numbers, visits, lab information, guarantor numbers and names of insurance carriers. There is no evidence that the information compromised has been misused, according to Seattle Children's. The hospital said it is working with the vendor to evaluate the new safeguards it is putting in place in order to mitigate any further unauthorized access.
0
0
5
Jeff
Dec 07, 2022
In Healthcare
Hospitals and health systems are facing significant data security and privacy threats due to the lack of vetting of their third-party vendors, BankInfoSecurity reported Dec. 5. The Department of Health and Human Services' HIPAA breach reporting website showed that half of the 10 largest healthcare-related data breaches reported this year were caused by vendors or business associates. Security experts said this demonstrates the importance of vetting third-party providers and including cybersecurity standards in contracts and regular audits. "The reason business associate data breaches have skyrocketed is a simple numbers game," said Paul Hales, regulatory attorney of the Hales Law Group. "Criminals know that one successful business associate attack yields protected health information from hundreds of covered entities. In a sense, business associates are just couriers. Covered entities are the real targets." Since 2018, the attacks on business associates have doubled. Some hospitals and health systems that have reported compromised patient information due to a third-party data breach include Seattle Children's and Houston-based St. Luke's Health.
0
0
8

Jeff

More actions
bottom of page