Healthcare Information Technology

ONC and CMS Propose New Rules on Patient Access and Information Blocking

On Monday, February 11, 2019, the HHS’ Office of the National Coordinator for Health Information Technology (ONC) and the Centers for Medicare and Medicaid Services (CMS) released new rules covering patient data access and information blocking.

The aim of the new rules is to advance interoperability and support the meaningful exchange and use of health information. The rules are intended to increase competition, encourage innovation, and give patients control over their health data.

One of the main goals is to make health information accessible via application programming interfaces (APIs). Currently consumers use a wide range of smartphone apps for paying bills and accessing information. It should be just as easy to gain access to healthcare data through apps and for healthcare data to be provided electronically at no cost.

One of the main requirements of the new rules is for healthcare providers and health plans to implement data sharing technologies that support the transition of care to new healthcare providers and health plans. Whenever a patient wishes to start seeing a new physician or wants to change to a new health plan, their health data should be seamlessly transferred.

The CMS rule proposes that by 2020, all healthcare organizations working with Medicare and Medicaid will be required to share health information and claims data with patients electronically via an API. This would make it easy for patents to change health plan and take their data with them. It will ensure that by 2020, 125 million patients will be able to receive their claims information electronically.

The ONC rule updates its conditions of certification, which require health IT developers to publish APIs that allow access to patient data without any special effort. The goal is for healthcare organizations to adopt standardized APIs to support the accessing of structured and unstructured health data via mobile devices.

The ONC rule implements the 21st Century Cure Act’s information blocking provisions and adds seven new exceptions to the information blocking rule – Actions and activities which are not classed as information blocking.

The new exceptions are:

  • Practices that prevent patients from being harmed
  • Practices that protect the privacy of electronic health information
  • Practices that ensure the security of electronic health information
  • Maintaining and improving health IT performance with user agreement
  • Recovering reasonable costs to allow the exchange, use, and accessing of electronic health information
  • Denying access, exchange, and use of electronic health information because it is unfeasible or would impose a substantial burden, which is unreasonable under the circumstances.
  • Licensing of technical artifacts to support the interoperability of electronic health information on reasonable and non-discriminatory terms

The ONC has proposed that healthcare providers found to be blocking information sharing should be named and shamed to discourage the practice and suggests that those organizations may also face financial penalties. “We are going to expose the bad actors who are purposely trying to keep patients from their own information,” explained CMS Administrator Seema Verma

Comments have also been requested on including pricing information along with electronic health information to allow patients to see exactly how much they are paying for their healthcare.

“These proposed rules strive to bring the nation’s healthcare system one step closer to a point where patients and clinicians have the access they need to all of a patient’s health information, helping them in making better choices about care and treatment,” said HHS Secretary Alex Azar. “By outlining specific requirements about electronic health information, we will be able to help patients, their caregivers, and providers securely access and share health information. These steps forward for health IT are essential to building a healthcare system that pays for value rather than procedures, especially through empowering patients as consumers.”

The post ONC and CMS Propose New Rules on Patient Access and Information Blocking appeared first on HIPAA Journal.

HIMSS Cybersecurity Survey: Phishing and Legacy Systems Raise Grave Concerns

Each year, HIMSS conducts a survey to gather information about security experiences and cybersecurity practices at healthcare organizations. The survey provides insights into the state of cybersecurity in healthcare and identifies attack trends and common security gaps.

166 health information security professionals were surveyed for the 2019 HIMSS Cybersecurity Survey, which was conducted from November to December 2018.

This year’s survey revealed security incidents are a universal phenomenon in healthcare. Almost three quarters (74%) of healthcare organizations experienced a significant security breach in the past 12 months. 22% said they had not experienced a significant security incident in the past year. The figures are in line with the 2018 HIMSS Cybersecurity Survey, when 21% of respondents said they had not experienced a significant security incident.

In 2018, 82% of hospital systems reported a significant security incident, as did almost two thirds of non-acute and vendor organizations.

The most common actors implicated in security incidents were online scam artists (28%) and negligent insiders (20%). Online scam artists used tactics such as phishing, spear phishing, whaling, and business email compromise to gain access to healthcare networks and data. Online scam artists often impersonate senior leaders in an organization and make requests for sensitive data and fraudulent wire transfers.

Threat actors use a variety of methods to gain access to healthcare networks and patient data, although a high percentage of security breaches in the past 12 months involved email. 59% of respondents said email was a main source of compromise. Human error was rated as a main source of compromise by 25% of respondents and was the second main cause of security incidents.

HIMSS said it is not surprising that so many healthcare organizations have experienced phishing attacks. Phishing attacks are easy to conduct, they are inexpensive, can be highly targeted, and they have a high success rate. Email accounts contain a trove of sensitive information such as financial data, the personal and health information of patients, technical data, and business information.

Even though email is one of the most common attack vectors, many healthcare organizations are not doing enough to reduce the risk of attacks. The HIMSS Cybersecurity Survey revealed 18% of healthcare organizations are not conducting phishing simulations on their employees to reinforce security awareness training and identify weak links.

While email security can be improved, there is concern that by making it harder for email attacks to succeed, healthcare organizations will encourage threat actors to look for alternative methods of compromise. It is therefore important for security leaders to diligently monitor other potential areas of compromise.

The most common ways that human error leads to the exposure of patient data is posting patient data on public facing websites, accidental data leaks, and simple errors.

HIMSS explained that it is imperative to educate key stakeholders on IT best practices and to ensure those practices are adopted. Significant security incidents caused by insider negligence were commonly the result of lapses in security practices and protocols.

HIMSS suggests that additional security awareness training should be provided to all employees, not just those involved in security operations and management. Individuals in security teams should also be given additional training on current and emerging threats along with regular training to ensure they know how to handle and mitigate security threats.

Email attacks and the continued use of legacy (unsupported) systems such as Windows Server and Windows XP raise grave concerns about the security of the healthcare ecosystem.

69% of respondents said they continue to use at least some legacy systems. 48% are still using Windows Server and 35% are still using Windows XP, despite the security risks that those legacy systems introduce.

While it is encouraging to see that 96% of organizations conduct risk assessments, only 37% of respondents said they conduct comprehensive risk assessments. Only 58% assess risks related to their organization’s website, 50% assess third party risks, and just 47% assess risks associated with medical devices.

HIMSS suggests cybersecurity professionals should be empowered to drive change throughout the organization. “Rather than being “hermetically sealed off” from the rest of the organization they serve, cybersecurity professionals should be both a visible and integral part of the strategic planning and operational infrastructure of their organizations,” a feeling that was shared by 59% of respondents.

It is good to see that in response to the growing threat of attacks, healthcare organizations are allocating more of their IT budgets to cybersecurity. 72% of respondents said their budget for cybersecurity had increased by 5% or more or had remained the same.

You can download the 2019 HIMSS Cybersecurity Survey Report on this link (PDF).

The post HIMSS Cybersecurity Survey: Phishing and Legacy Systems Raise Grave Concerns appeared first on HIPAA Journal.

EHR Vendor False Claims Act Violation Case Settled for $57.25 Million

The Tampa, FL-based electronic health record (EHR) software developer Greenway Health LLC has agreed to settle violations of the False Claims Act with the Department of Justice for $57.25 million.

The case concerns Greenway Health’s EHR product Prime Suite. The DOJ alleged that by misrepresenting the capabilities of the product, users submitted false claims to the U.S. government. Further, Greenway Health was alleged to have provided unlawful remuneration to users to induce them to recommend the EHR product to other healthcare providers.

The U.S. government provided incentives to healthcare organizations to encourage them to transition to EHRs from paper records through the Meaningful Use program. Most healthcare providers have now made the change and now rely on EHR systems to support the healthcare decision process. It is therefore essential that EHR products allow patient health information to be recorded and transmitted accurately.

In order for healthcare providers to qualify for Meaningful Use payments, they must only use EHR products that have been certified as meeting certain criteria stipulated by the Department of Health and Human Services (HHS). In order to receive certification, EHR software developers must have their products tested by an independent, accredited testing laboratory authorized by the HHS. Certification is then provided by an official certification body.

Greenway Health was alleged to have falsely obtained 2014 Edition certification for Prime Suite by concealing the fact that the product did not fully comply with all HHS criteria, such as the use of standardized clinical terminology to ensure reciprocal flow of patient information and the accuracy of electronic prescriptions. Greenway Health was alleged to have modified its test-run software to deceive the company that certified Prime Suite into believing it used the requisite clinical vocabulary.

Healthcare providers who used Prime Suite needed to meet targets for EHR-related activities in order to receive Meaningful Use incentive payments. One such target was to provide a certain percentage of patients with clinical summaries after office visits. The 2011 Edition of Prime Suite did not accurately calculate the percentage of office visits for which users distributed clinical summaries and, as a result, it caused users to submit false claims. Greenway Health chose not to correct the error as by doing so its users would not qualify for Meaningful Use incentive payments.

Greenway Health was also alleged to have violated the Anti-Kickback Statute by paying money to users as an incentive to recommend the product to other healthcare providers.

“This resolution demonstrates our continued commitment to pursue EHR vendors who misrepresent the capabilities of their products, and our determination to promote public health while holding accountable those who seek to abuse the government’s trust,” said Assistant Attorney General Jody Hunt of the Department of Justice’s Civil Division.

This is the second case against an EHR provider to have been pursued and resolved in the past two years. eClinicalWorks was also accused of covering up the failure of its platform to pass certification testing. eClinicalWorks paid $155 million to settle its case.

“These cases are important, not only to prevent theft of taxpayer dollars, but to ensure that the promise of health technology is realized in the form of improved patient safety and efficient healthcare information flow,” said United States Attorney Christina E. Nolan for the District of Vermont.

In addition to the financial penalty, Greenway Health has entered into a 5-year Corporate Integrity Agreement (CIA) with the HHS’ Office of Inspector General. Under the terms of the CIA, Greenway Health is required to retain an Independent Review Organization to assess its software quality control and compliance systems and to review arrangements with healthcare providers to ensure compliance with the Anti-Kickback Statute.

Greenway Health must also allow all users of Prime Suite to upgrade to the latest version of the platform at no additional charge and, if they so wish, allow customers to transfer their data to another EHR software provider without incurring penalties, service charges, or other contractual amounts owed in connection with the goods/services already provided.

The post EHR Vendor False Claims Act Violation Case Settled for $57.25 Million appeared first on HIPAA Journal.

New Cybersecurity Framework for Medical Devices Issued by HSCC

The Healthcare and Public Health Sector Coordinating Council (HSCC) has issued a new cybersecurity framework for medical devices. Medical device vendors, healthcare providers, and other healthcare industry stakeholders that adopt the voluntary framework will be able to improve the security of medical devices throughout their lifecycle.

The HSCC is a coalition of private sector critical healthcare infrastructure entities that have partnered with the government to identify and mitigate threats and vulnerabilities facing the healthcare sector. The group comprises more than 200 healthcare industry and government organizations. Together they work on developing strategies to address current and emerging cybersecurity challenges faced by the healthcare sector.

More than 80 organizations contributed to the development of the Medical Device and Health IT Joint Security Plan (JSP), which builds on recommendations made by the Healthcare Industry Cybersecurity Task Force established by the Department of Health and Human Services following the passing of the Cybersecurity Information Sharing Act of 2015.

“It is important for medical device manufacturers and health IT vendors to consider the JSP’s voluntary framework and its associated plans and templates throughout the lifecycle of medical devices and health IT because doing so is expected to result in better security and thus better products for patients,” explained HSCC.

Cybersecurity controls can be difficult to integrate into existing processes. Organizations often fail to recognize how important security controls are, and when considering how to enhance cybersecurity many do not know where to start or have insufficient resources to devote to the task. The framework helps by providing guidance on how to create a security policy and procedures that align with and integrate into existing processes.

HSCC is urging organizations to commit to implementing the JSP as it is believed that by doing so patient safety will be improved.

The JSP can be adopted by organizations of all sizes and stages of maturity and helps them enhance cybersecurity of medical devices by addressing key challenges. Many large manufacturers have already created similar cybersecurity programs to the JSP, so it is likely to be of most use for small to medium sized companies that lack awareness of the steps to take to improve cybersecurity as well as those with fewer resources to devote to cybersecurity.

The JSP utilizes security by design principles and identifies shared responsibilities between industry stakeholders to harmonize security standards, risk assessment methodologies, reporting of vulnerabilities, and improve information sharing between device manufacturers and healthcare providers. The JSP covers the entire lifecycle of medical devices, from development to deployment, management, and end of life. The JSP includes several recommendations including the incorporation of cybersecurity measures during the design and development of medical devices, handling product complaints related to cybersecurity incidents, mitigation of post-market vulnerabilities, managing security risk, and decommissioning devices at end of life.

The Medical Device and Health IT Joint Security Plan can be downloaded on this link.

The post New Cybersecurity Framework for Medical Devices Issued by HSCC appeared first on HIPAA Journal.

Vulnerability Identified in BD FACSLyric Flow Cytometry Solution

Becton, Dickinson and Company (BD) has identified an improper access control vulnerability in its BD FACSLyric flow cytometry solution. If the flaw is exploited, an attacker could gain access to administrative level privileges on a vulnerable workstation and execute commands. The vulnerability requires a low level of skill to exploit.

BD extensively tests its software for potential vulnerabilities and promptly corrects flaws. BD is currently taking steps to mitigate the vulnerability for all users of vulnerable FACSLyric flow cytometry solutions.

The flaw (CVE-2019-6517) is due to improper enforcement of user access control for privileged accounts. It has been given a CVSS v3 base score of 6.8 – Medium severity. BD self-reported the vulnerability to the National Cybersecurity & Communications Integration Center (NCCIC).

The vulnerability is present in the following cytometry solutions:

  • BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases (Nov 2017 and Nov 2018)
  • The U.S. release of BD FACSLyric IVD Windows 10 Professional Operating System.

FACSLyric flow cytometry systems on Windows 7 are unaffected.

BD is contacting all affected users and will perform remediation activities to correct the flaw. These include disabling the admin account for users with BD FACSLyric RUO Cell Analyzer units on Windows 10 Pro. Computer workstations with BD FACSLyric IVD Cell Analyzer units on Windows 10 Pro will be replaced.

Users of the vulnerable solutions that have not yet been contacted by BD can contact BD Biosciences General Tech Support for further information.

To minimize the risk of exploitation of vulnerabilities such as this, NCCIC recommends locating medical devices and systems behind firewalls, minimizing network exposure for medical devices and systems, restricting access to authorized individuals, applying the rule of least privilege, adopting defense in depth strategies, and disabling unnecessary accounts and services.

The post Vulnerability Identified in BD FACSLyric Flow Cytometry Solution appeared first on HIPAA Journal.

New Report Reveals Spiraling Cost of Cyberattacks

A new report from Radware has provided insights into the threat landscape in 2018 and the spiraling cost of cyberattacks. The report shows there was a 52% increase in the cost of cyberattacks on businesses in since 2017.

For the report, Radware surveyed 790 managers, network engineers, security engineers, CIOs, CISOs, and other professionals in organizations around the globe. Respondents to the survey were asked about the issues they have faced preparing for and mitigating cyberattacks and the estimated cost of those attacks.

The 2018 Threat Landscape

93% of surveyed firms said they had experienced a cyberattack in the past 12 months. The biggest threat globally was ransomware and other extortion-based attacks, which accounted for 51% of all attacks. In 2017, 60% of cyberattacks involved ransoms. The reduction has been attributed to cybercriminals switching from ransomware to cryptocurrency mining malware.

Political attacks and hacktivism accounted for 31% of attacks, down from 34% in 2017. The motive behind 31% of attacks was unknown, which demonstrates that attackers are now more purposeful about hiding their motives. 27% of attacks were insider threats, 26% were attacks by competitors, 19% were attributed to cyberwar, and 18% were conducted by angry users. The primary aim of the attacks was service disruption (45%), data theft (35%), and espionage (3%). 16% of attacks had another aim or the purpose had not been established.

One in five businesses reported being attacked daily: A 62% increase year over year. 13% reported weekly attacks, 13% monthly attacks, and 27% experienced one or two attacks in the past year. 19% were unsure how many times they had been attacked.

Healthcare was the second most attacked industry behind the government sector. 39% of healthcare organizations reported having to fend off daily or weekly cyberattacks by hackers. Only 6% of healthcare organizations claimed they had not been attacked in the past year.

The biggest threats were malware and bots (reported by 76% of organizations), social engineering attacks such as phishing (65%), DDoS attacks (53%), web application attacks (42%), ransom threats (38%), and cryptocurrency miners (20%).

Respondents from healthcare organizations felt they were best prepared for phishing and other social engineering attacks (58%), malware, bots and DDoS attacks (55%), and web application attacks (52%). Only 39% felt they were well prepared to deal with ransomware attacks and advanced persistent threats.

The Rising Cost of Cyberattacks

The Radware study asked respondents about the business cost of a successful cyberattack. According to the report, the cost more than doubled compared to last year and is now $1.1 million. Respondents that had a formalized calculation to determine the financial impact of a cyberattack reported the cost to be $1.7 million, compared to $880,000 for those with no formal calculation.

For SMBs with fewer than 1,000 employees, the average cost of a cyberattack was estimated to be $450,000. That rose to $1.1 million for enterprises with between 1,000 and 10,000 employees, and $2.1 million for large corporations with more than 10,000 employees.

The average cost of a successful cyberattack on a healthcare organization was determined to be $1.43 million. Fortunately, most healthcare organizations (82%) had a breach response plan in place, which can limit the cost of a cyberattack.

The True Cost of a Cyberattack

The cost of a cyberattack is likely to be significantly higher than the estimates. Radware notes that the estimates do not factor in direct costs such as extended labor, investigations, and the development of software patches, indirect costs such as the hiring of technical consultants, legal expenses, and stock price drops, and costs associated with the prevention of future cyberattacks.

Other costs that are difficult to calculate are lost revenue, brand reputation damage, and loss of customers – All real possibilities after a data breach. Radware notes that following a successful cyberattack, 43% of respondents said there had been a negative customer experience, 37% suffered brand reputation damage, and 23% reported a loss of customers.

“The cost of cyberattacks is simply too great to not succeed in mitigating every threat, every time,” explained Radware. “Customer trust is obliterated in moments, and the impact is significant on brand reputation and costs to win back business.”

The post New Report Reveals Spiraling Cost of Cyberattacks appeared first on HIPAA Journal.

Hospital Associations Call for Industry-Wide Effort to Accelerate Interoperability

Seven leading hospital associations, including the American Hospital Association (AHA), are calling for an industry-wide effort to improve data sharing. The new report seeks to enlist and expand public and private stakeholder support to accelerate interoperability and help remove the barriers to data sharing.

In order to achieve the full potential of the nation’s healthcare system, health data must flow freely. Only then will it be possible to provide the best possible care to patients, properly engage people in their health, improve public health, and ensure new models of healthcare succeed.

Effective sharing of patient data strengthens care coordination, improves safety and quality, empowers patients and their families, increases efficiency, reduces healthcare costs, and supports the accurate tracking of diseases and the creation of robust public health registries.

The report explains that great progress is being made to improve interoperability of health IT systems and ensure that patients data can be accessed regardless of location or system. 93% of hospitals now allow patients to access their health records online, 87% allow health records to be downloaded by patients, 88% of hospitals send patient records to ambulatory care providers outside their system, and 84% of hospitals allow caregivers to access information on behalf of patients.

Interoperability improvements have required tremendous effort and have come at a significant cost. Progress has been made but hospitals still face substantial barriers that are preventing efficient data sharing. Health IT tools are often expensive, many do not easily support information sharing, and the use of different health IT and EHR systems make it difficult to efficiently share information.

It is now common for healthcare to be delivered across multiple settings and locations. Records generated in doctor’s offices, hospitals, laboratories, medical devices, and in non-clinical settings should all be accessible and capable of being transferred quickly, efficiently, and accurately to create a full patient record that can be accessed by patients and their healthcare providers.

The report notes that diplomats at the United Nations speak a wide variety of languages but, through translators, are able to communicate efficiently and effectively. Mobile phones can communicate with other devices, regardless of make, model, or operating system. Healthcare needs to operate in a similar way.

A final push is required to get interoperability where it needs to be. The challenges that need to be overcome are detailed in the report along with an agenda detailing the pathway to full interoperability.

In order to achieve true interoperability, all industry stakeholders need to collaborate and work toward the common goal. The roles that different stakeholders must play are detailed in the report.

The report – Sharing data, Saving Lives: The Hospital Agenda for Interoperability – can be downloaded on this link.

The post Hospital Associations Call for Industry-Wide Effort to Accelerate Interoperability appeared first on HIPAA Journal.

Vulnerabilities Identified in Dräger Infinity Delta Patient Monitors

The U.S. Department of Homeland Security Industrial Control Systems Cyber Emergency Team (US-CERT) has issued an advisory about three vulnerabilities affecting Dräger Infinity Delta patient monitoring devices.

The flaws affect all versions of Infinity Delta, Delta XL, Kappa, and infinity Explorer C700 patient monitoring devices. The flaws could lead to the disclosure of sensitive information stored in device logs, be leveraged to conduct Denial of Service (DoS) attacks, or could potentially allow an attacker to gain full control of the operating system of a vulnerable device. The flaws were discovered by Marc Ruef and Rocco Gagliardi of scip AG.

The vulnerabilities are detailed below, in order of severity:

CVE-2018-19014 (CWE-532) – Exposure of Information in Log Files

Log files are not appropriately secured and are accessible over an unauthenticated network. An attacker could gain access to device log files and view sensitive information relating to the internals of the monitor, location of the device, and its wired network configuration. The flaw has been assigned a CVSS v3 base score of 4.3.

CVE-2018-19010 (CWE-20) – Improper Input Validation

An error in the way input is validated could be exploited to cause the device to constantly reboot. An attacker could repeatedly send a malformed network packet causing a vulnerable device to repeatedly reboot until it reverts to its default configuration and network connectivity is lost. The vulnerability has been assigned a CVSS v3 base score of 6.5.

CVE-2018-19012 (CWE-269) – Privilege Escalation Through Improper Privilege Management

An attacker could break out of kiosk mode via a specific dialog and gain access to the underlying operating system and take full control of the operating system. The vulnerability has been assigned a CVSS v3 base score of 8.4.

All three vulnerabilities were addressed by Dräger in December 2018. Users should update the devices to Delta/Infinity Explorer VF10.1 which can be accessed on Dräger ServiceConnect.

Users have also been advised to review their network segmentation configuration and ensure that the devices are logically or physically separated from the hospital LAN and also check the Windows patch level of their Infinity Explorer.

The post Vulnerabilities Identified in Dräger Infinity Delta Patient Monitors appeared first on HIPAA Journal.

IT Service Providers and Customers Warned of Increase in Chinese Malicious Cyber Activity

The Department of Homeland Security (DHS) United States Computer Emergency Readiness Team (US-CERT) has issued an alert about increased Chinese malicious cyber activity targeting IT service providers such as Managed Service Provider (MSPs), Managed Security Service Providers (MSSPs), Cloud Service Providers (CSPs) and their customers.

The attacks take advantage of trust relationships between IT service providers and their customers. A successful cyberattack on a CSP, MSP or MSSP can give the attackers access to healthcare networks and sensitive patient data.

The DHS Cybersecurity and Infrastructure Security Agency (CISA) has issued technical details on the tactics and techniques used by Chinese threat actors to gain access to services providers’ networks and the systems of their customers.

The information has been shared to allow network defenders to take action to block the threats and reduce exposure to the Chinese threat actors’ activities. Guidance has been released for IT service providers and their customers on the steps that should be taken to improve security to prevent successful attacks. While a range of mitigations have been specified, there is no single solution that will work for all organizations and mitigating these malicious activities can be a complex process.

Advice for Customers of IT Service Providers

Healthcare organizations that utilize IT service providers are advised to:

  • Ensure their providers have conducted a review to determine if there is a security concern or has been a compromise
  • Ensure their IT service providers have implemented solutions and tools to detect cyberattacks.
  • Review and verify connections between healthcare systems and those used by IT service providers.
  • Verify all IT service provider accounts are being used for appropriate purposes.
  • Disable IT service provider accounts when they are not in use.
  • Ensure business associate agreements require IT service providers to implement appropriate security controls, require logging and monitoring of client systems and connections to their networks, and the need to promptly issue notifications when suspicious activity is detected.
  • Integrate system log files and network monitoring data into intrusion detection and security monitoring systems for independent correlation, aggregation and detection.
  • Ensure service providers view US-CERT pages related to APT groups targeting IT service providers, specifically TA-18-276A and TA-18-276B.

Advice for IT Service Providers

IT service providers have been advised to take the following actions to mitigate the risk of cyberattacks:

  • Ensure the mitigations detailed in US-CERT alerts are fully implemented.
  • Ensure the principle of least privilege is applied to their environments, customers’ data are logically separated, and access to clients’ networks is not shared.
  • Implement advanced network and host-based monitoring systems that look for anomalous behavior that could indicate malicious activity.
  • Aggregate and correlate log information to maximize the probability of detection of malicious activity and account misuse.
  • Work closely with customers to ensure that all hosted infrastructure is carefully monitored and maintained.

The post IT Service Providers and Customers Warned of Increase in Chinese Malicious Cyber Activity appeared first on HIPAA Journal.