February 27, 2018

How drug diversion can enable patients to unknowingly become infected with Hepatitis C

Perhaps this is a question you have never thought to ask, and before April of 2009 it was not even in the realm of curiosity for me either. But as I entered Urgent Care for what I thought might be bronchitis or something similar, only to be asked by the medical assistant, “Do you know you are yellow?” my world was immediately turned upside down. A trip to the ER and several other doctor’s visits and blood tests later confirmed I had Hepatitis C.

Continue Reading
February 15, 2017

A Virtual Goldmine: Why Criminals Target Patient Data (Part 2)

It is no secret that electronic health records (EHRs) are incredibly valuable. One needs to only look at the number of cyber attacks that target healthcare organizations as proof that those records contain extremely valuable patient information.

Continue Reading
February 8, 2017

A Virtual Goldmine: Why Criminals Target Patient Data (Part 1)

The healthcare industry is under siege.

Health data breaches of patient information have become all too common, with both external and insider threats trying to gain access to patients’ electronic health records (EHRs), and it does not appear that the number of attacks will ease up anytime soon. But this begs the question: Why are EHRs so vulnerable to attack? And why do criminals target them in the first place?

Continue Reading
November 9, 2016

Phishing Attacks: A Hacker’s Gateway to Patient Health Records

Over the past few weeks, we focused our “Patients at Risk” series on the various threats that hospital insiders present to patient data. Now, we are shifting our attention to ones stemming from external parties.

Continue Reading
September 28, 2016

Hospitals’ Biggest Threat to Patient Data is Hiding in Plain Sight

The Dark Overlord made headlines earlier this year by advertising the availability of 9.2 million US hospital records on the Dark Web and selling them for 730 bitcoin, which is more than $450,000. Just a few weeks ago, Fancy Bear, a Russian cyber espionage group, exposed medical records of top olympians, revealing that they had received exemptions to use doping medications. Hackers receive a great deal of media attention because their tactics are deeply mysterious to the average person and frequently result in the exposure of thousands of records. However, one group’s activity potentially represents the biggest threat to patient data: insider snooping. These snoops are hospital employees who have access to the EHR and misuse this privileged access. They look at the medical records of colleagues, family and friends out of curiosity, for potential blackmail purposes, or a host of other reasons.

Continue Reading

Receive the latest article to your inbox