February 15, 2017

A Virtual Goldmine: Why Criminals Target Patient Data (Part 2)

It is no secret that electronic health records (EHRs) are incredibly valuable. One needs to only look at the number of cyber attacks that target healthcare organizations as proof that those records contain extremely valuable patient information.

Continue Reading
February 8, 2017

A Virtual Goldmine: Why Criminals Target Patient Data (Part 1)

The healthcare industry is under siege.

Health data breaches of patient information have become all too common, with both external and insider threats trying to gain access to patients’ electronic health records (EHRs), and it does not appear that the number of attacks will ease up anytime soon. But this begs the question: Why are EHRs so vulnerable to attack? And why do criminals target them in the first place?

Continue Reading
November 9, 2016

Phishing Attacks: A Hacker’s Gateway to Patient Health Records

Over the past few weeks, we focused our “Patients at Risk” series on the various threats that hospital insiders present to patient data. Now, we are shifting our attention to ones stemming from external parties.

Continue Reading
September 28, 2016

Hospitals’ Biggest Threat to Patient Data is Hiding in Plain Sight

The Dark Overlord made headlines earlier this year by advertising the availability of 9.2 million US hospital records on the Dark Web and selling them for 730 bitcoin, which is more than $450,000. Just a few weeks ago, Fancy Bear, a Russian cyber espionage group, exposed medical records of top olympians, revealing that they had received exemptions to use doping medications. Hackers receive a great deal of media attention because their tactics are deeply mysterious to the average person and frequently result in the exposure of thousands of records. However, one group’s activity potentially represents the biggest threat to patient data: insider snooping. These snoops are hospital employees who have access to the EHR and misuse this privileged access. They look at the medical records of colleagues, family and friends out of curiosity, for potential blackmail purposes, or a host of other reasons.

Continue Reading
September 1, 2016

VIPs and Presidential Candidates' Medical Records Face Heightened Privacy Vulnerabilities

Earlier this year, Jackson Memorial Hospital fired two employees for inappropriately accessing Giants defensive end Jason Pierre-Paul’s medical records. The two employees sold the information in the VIP’s record to ESPN’s Adam Schefter. Schefter, who has 5.19 million Twitter followers, tweeted the records while Pierre-Paul had surgery on his right index finger. Pierre-Paul sued ESPN and the NFL for violating his privacy under HIPAA, and in August, a judge ruled that Pierre-Paul could move forward with his lawsuit. This summer, the major-party U.S. Presidential candidates are facing scrutiny over their health records and history. They are under pressure to refute false claims and respond to amateur diagnoses circulating via various media outlets.

Continue Reading

Receive the latest article to your inbox