Healthcare Technology Vendor News

Advisory Issued After 8 Vulnerabilities Discovered in Natus Xltek NeuroWorks Software

ICS-CERT has issued an advisory following the discovery of eight vulnerabilities in version 8 of Natus Xltek NeuroWorks software used in Natus Xltek EEG medical products.

If the vulnerabilities are successfully exploited they could allow a malicious actor to crash a vulnerable device or trigger a buffer overflow condition that would allow remote code execution.

All eight vulnerabilities have been assigned a CVSS v3 score above 7.0 and are rated high. Three of the vulnerabilities – tracked as CVE-2017-2853, CVE-2017-2868, and CVE-2017-2869 – have been assigned a CVSS v3 base score of 10, the highest possible score. CVE-2017-2867 has been assigned a base score of 9.0, with the other four vulnerabilities – CVE-2017-2852, CVE-2017-2858, CVE-2017-2860, and CVE-2017-2861 – given a rating of 7.5. The vulnerabilities are a combination of stack-based buffer overflow and out-of-bounds read vulnerabilities.

CVE-2017-2853 would allow an attacker to cause a buffer overflow by sending a specially crafted packet to an affected product while the product attempts to open a file requested by the client.

CVE-2017-2868 and CVE-2017-2869 relate to flaws in how the program parses data structures. Exploitation would allow an attacker to trigger a buffer overflow and execute arbitrary code, allowing the attacker to take full control of the affected system.

The vulnerabilities were discovered by security researcher Cory Duplantis from Cisco Talos who reported them to Natus. Natus took immediate action and has now released an updated version of its software which corrects all of the flaws.

To date there have been no reported instances of the vulnerabilities being exploited in the wild, and no public exploits for the vulnerabilities are known. Natus recommends all users of the vulnerable software to update to NeuroWorks/SleepWorks 8.5 GMA 3 as soon as possible.

The update is available free of charge for users of NeuroWorks/SleepWorks Version 8.0, 8.1, 8.4, or 8.5. The Natus Neuro technical support department should be contacted for further information.

In addition to updating to the latest version of the software, organizations can take further steps to limit the potential for zero-day vulnerabilities to be exploited.

The National Cybersecurity & Communications Integration Center (NCCIC) recommends minimizing network exposure for all control systems and devices and ensuring they are not accessible over the Internet. Control systems and remote devices should be located behind firewalls and should be isolated from the business network. If remote access is necessary, secure methods should be used to connect, such as Virtual Private Networks (VPNs), which should be kept up to date.

The post Advisory Issued After 8 Vulnerabilities Discovered in Natus Xltek NeuroWorks Software appeared first on HIPAA Journal.

TitanHQ Integrates Web Security into Datto’s Networking Suite

TitanHQ, the leading provider of email and web security solutions for SMBs, has formed a strategic alliance with the networking giant Datto and will be providing its innovative cloud-based web filtering solution to Datto MSPs.

Norwalk, CT-based Datto is primarily a data backup, disaster recovery, and business continuity service provider. The company’s mission is to provide SMBs with the highest quality enterprise-level technology to protect their businesses and networks.

Datto achieves this through its managed service provider (MSP) partners, giving them access to software solutions to ensure their clients are well protected. The company was acquired by Vista Equity Partners in 2017 and merged with New York-based Autotask and now has offices in 21 locations in the United States, Canada, China, Denmark, Netherlands, Germany, Singapore, Australia, and the UK. The company employs more than 1,300 staff and is the world’s leading provider of MSP-delivered IT solutions.

TitanHQ Integrates Web Filtering Solution into Datto’s Networking Range

Galway-based TitanHQ is an award-winning company that provides innovative cloud-based security solutions for SMBs, including SpamTitan – a 100% cloud-based spam filtering solution – and WebTitan – its cloud-based DNS web filtering solution.

The increase in ransomware and phishing attacks has made web filters an important addition to MSPs’ security stacks, allowing them to add an additional level of protection to prevent unauthorized individuals from accessing their healthcare clients’ networks.

WebTitan provides real-time protection from malicious URLs, IPs, and phishing websites and is capable of blocking malware and ransomware downloads by preventing end users from visiting malicious websites. The strategic alliance between Datto and TitanHQ has seen WebTitan Cloud and WebTitan Cloud for Wi-Fi integrated into Datto’s networking range and made available to MSPs.

“We pride ourselves in equipping our community of Managed Service Provider partners with the right products and tools to allow each and every customer to succeed. With that in mind, I’m delighted to welcome TitanHQ as a security partner and look forward to growing our partnership,” said John Tippett, VP, Datto Networking.

At DattoCon 2018, the largest MSP event in the United States, TitanHQ will be demonstrating its web content filtering, email filtering, and email archiving solutions to MSPs. The company will be at booth #66 in the exhibition hall for the entire conference and TitanHQ CEO Ronan Kavanagh, Sales Director Conor Madden, Marketing Director Dryden Geary, and Alliance Manager Eddie Monaghan will all be in attendance.


More than 90% of Hospitals and Physicians Say Mobile Technology is Improving Patient Safety and Outcomes

90% of hospitals and 94% of physicians have adopted mobile technology and say it is helping to improve patient safety and outcomes, according to a recent survey conducted by Black Book Research.

The survey was conducted on 770 hospital-based users and 1,279 physician practices between Q4, 2017 and Q1, 2018.

The survey revealed 96% of hospitals are planning on investing in a new clinical communications platform this year or have already adopted a new, comprehensive communications platform.

85% of surveyed hospitals and 83% of physician practices have already adopted a secure communication platform to improve communications between care teams, patients, and their families. Secure text messaging platforms are fast becoming the number one choice due to the convenience of text messages, the security offered by the platforms, and the improvements they make to productivity and profitability.

98% of hospitals and 77% of physician practices said they have implemented secure, encrypted email and are using intrusion detection systems to ensure breaches are detected rapidly.

Many providers of secure text messaging solutions have developed their platforms specifically for the healthcare industry. The platforms incorporate all the necessary safeguards to meet HIPAA requirements and ensure PHI can be transmitted safely and securely. Text messaging is familiar to almost all employees who are provided access to the platforms and they make communication quick and easy.

However, 63% of respondents to the survey said they are still facing ongoing challenges with buy-in of general mobile adoption strategies and related enterprise technology execution.

30% of respondents said that even though secure methods of communication have been implemented such as encrypted text messaging platforms and secure email, they are still receiving communications on a daily basis from unsecured sources that contain personally identifiable information such as patients’ names and birthdates.

Part of the study involved an assessment of cybersecurity and privacy software and services, allowing the company to identify the vendors that are most highly regarded by customers. TigerText, the market leading provider of secure text messaging solutions for the healthcare industry, was rated highly across the board, as were Vocera, Spok, Doc Halo, and Imprivata.

Doc Halo was the highest rated secure communications platform provider among physician organizations, with Perfect Serve, Patient Safe Solutions, OnPage, Telemediq, and Voalte also scoring highly. Spok ranked highest among hospital systems and inpatient organizations, with Qlik and Cerner also receiving high marks.

“Stakeholders across the healthcare industry are in the quest of finding solutions to use comprehensive real-time data and connectivity cleverly to advance patient safety, productivity and profitability,” said Doug Brown, president of Black Book Market Research. “Organizations are adopting secure text messaging platforms because texts are convenient, as well.”


Apple Launches API for Developers to Allow EHR Data to be Used in Care Management Apps

Apple has launched a new application programming interface (API) for developers that will allow them to create health apps that incorporate patients’ EHR data. Patients who load their EHR data into the Apple Health Records app will be able to pass the information directly to third party apps.

The move allows app developers to create a wide range of apps that can help patients manage their care. The first apps that will be allowed to access EHR data, if permitted by the patient, should be available in the fall to coincide with the release of iOS 12.

One such app that can be used in connection with EHR data through the Apple Health Records app is Medisafe. The Medisafe app will allow patients of participating health systems to download their prescriptions lists and set reminders when their medications need to be taken. The app will also alert them to any potentially harmful interactions between their medications.

Apple suggests apps could be developed to help patients manage their medical conditions. Access to EHR data will allow those apps to provide more accurate and useful recommendations.

Apps that help patients with nutrition could benefit from access to blood sugar readings and cholesterol levels, as could apps that help with meal planning. The API will also help patients share their health data with researchers far more easily.

Privacy of Protected Health Information

Apple has avoided being classed as a business associate by ensuring no protected health information passes through its servers. If patients decide to download information from their electronic health records into the Apple Health Records app, the information is passed from their provider directly to their iPhone. No protected health information passes through Apple’s servers or is stored by Apple. All EHR data downloaded to the app are stored securely on the device and are encrypted. If the patient decides to allow third-party apps to have access to their data, that information will pass directly from their iPhone to the third-party app.

Patients who use the Apple Health Records App to view or store information taken from their EHRs should bear in mind that while data are secure on their device, that may not be the case with third-party apps.

While EHR data is subject to HIPAA laws and must be secured by patients’ healthcare providers, if the information is downloaded and provided to a third party, HIPAA Rules will not apply to any transferred data.

Patients should therefore carefully check the terms and conditions and privacy protections of any third-party app developer before passing their health data to a third-party app.

Any developers that decide to take advantage of the new Health Records API should ensure privacy and security is built into the core of the design of their apps. While app developers may not be bound by HIPAA requirements, the information provided to the apps is highly sensitive and appropriate security controls should be applied to ensure it remains confidential.


Warnings Issued Over Vulnerable Medical Devices

Warnings have been issued by the Department of Homeland Security’s (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) about vulnerabilities in several medical devices manufactured by Silex Technology, GE Healthcare, and Philips. If the vulnerabilities were to be exploited, an unauthorized individual could potentially take control of the devices.

Philips Brilliance CT Scanners

In early May, Philips alerted the National Cybersecurity and Communications Integration Center (NCCIC) about security vulnerabilities affecting its Brilliance CT scanners. Philips has been working to remediate the vulnerabilities and has been working with DHS to alert users of its devices to help them reduce risk. There have been no reports received to suggest any of the vulnerabilities have been exploited in the wild.

Three vulnerabilities have been discovered to affect the following scanners:

  • Brilliance 64 version 2.6.2 and below
  • Brilliance iCT versions 4.1.6 and below
  • Brilliance iCT SP versions 3.2.4 and below
  • Brilliance CT Big Bore 2.3.5 and below

See ICS-CERT advisory (ICSMA-18-123-01)

The Brilliance CT scanners operate user functions within a contained kiosk environment in the Windows OS. The vulnerability – CVE-2018-8853 – could be exploited to allow an unauthorized individual or kiosk application user to gain unauthorized elevated privileges and access to unauthorized resources from the underlying Windows OS.

CVE-2018-8861 is a vulnerability in the Brilliance CT kiosk environment which could be exploited to allow an unauthorized attacker or limited access kiosk user to break out of the containment of the kiosk environment, gain elevated privileges from the underlying Windows OS, and access resources from the operating system.

CVE-2018-8857 is a vulnerability associated with hard-coded credentials used for inbound authentication and outbound communication. Those credentials could be compromised, allowing access to the system to be gained.

CVE-2018-8853 and CVE-2018-8861 both have a CVSS v3 base score of 6.1, while CVE-2018-8857 has a CVSS v3 base score of 8.4.

The vulnerabilities cannot be exploited remotely and require user interaction. According to a statement issued by Philips, “An attacker would need local access to the kiosk environment of the medical device to be able to implement the exploit.” If exploited, the attacker could execute commands with elevated privileges and gain access to “restricted system resources and information.” The vulnerability would require a low level of skill to exploit.

The vulnerabilities are considered low-risk, but under the company’s responsible disclosure policy, an advisory was issued to alert users to the risk and provide information to reduce risk to a minimal level.

Philips recommends only using Brilliance CT products within the specifications authorized by Philips, such as only using Philips-approved software, system services, and security configurations. Physical controls should also be implemented to limit access to the devices.

Philips has taken action by remediating hard-coded credentials for its Brilliance iCT 4.x system and later versions and will continue to assess further options for remediating the vulnerabilities.

Silex SX-500, SD-320AN Wireless and GE Healthcare MobileLink

Two vulnerabilities have been discovered to affect certain Silex Technology products and GE Healthcare MobileLink technology. The vulnerabilities, tracked as CVE-2018-6020 and CVE-2018-6021, have been assigned a CVSS v3 rating of 6.5 and 7.4 respectively. See ICS-CERT advisory (ICSMA-18-128-01).

The following products are susceptible to one or both of the vulnerabilities:

GEH-500 (V 1.54 and earlier), SX-500 (all versions), GEH-SD-320AN (V GEH-1.1 and earlier), and SD-320AN (V 2.01 and earlier). The following GE MAC Resting ECG analysis systems may use vulnerable MobileLink Technology: MAC 3500, MAC 5000 (E.O.L 2012), MAC 5500 and MAC 5500 HD.

The vulnerabilities would require a low level of skill to exploit and could allow an unauthorized individual to modify system settings and remotely execute code. ICS-CERT notes that public exploits for the vulnerabilities are available.

CVE-2018-6020 concerns a lack of verification of authentication when making certain POST requests, which could allow the modification of system settings. CVE-2018-6021 concerns an improperly sanitized system call parameter, which could allow remote code execution.

The following recommendations have been made by Silex/GE Healthcare:

To mitigate CVE-2018-6020 on GE MobileLink/SX-500, users should enable the ‘update’ account within the web interface, as this is not enabled by default. To prevent changes to device configuration, users should set a secondary password for the ‘update’ account.

Silex Technology and GE Healthcare have produced updated firmware to resolve the CVE-2018-6021 vulnerability for GE MobileLink/GEH-SD-320AN, which will be available for download from May 31, 2018 once testing has been completed.

NCCIC suggests users should minimize network exposure for control system devices and/or systems to ensure they cannot be accessed over the Internet. All control systems and remote devices should be located behind firewalls and isolated from business networks. If remote access is required, a VPN should be used.

NCCIC has advised users to conduct an impact analysis and risk assessment prior to any attempt to mitigate the vulnerabilities.


Tristar Medical Group Discovers Solution That Reduced its AWS Costs by 60%

Healthcare organizations are increasingly turning to the cloud to meet their IT needs, but while there are many advantages to be gained from migrating applications, infrastructure, and datacenter operations to the cloud, managing cloud costs remains a major challenge.

Many healthcare organizations choose AWS EC2 instances for their servers. While the platform meets their needs, the high cost of running AWS EC2 instances – or equivalent instances from other providers – is forcing many healthcare organizations to scale back their cloud migration plans.

The cost of running AWS EC2 instances can be considerable. Tristar Medical Group, the largest privately-owned healthcare provider in Australia, runs facilities across the country, spread across multiple time zones. Its clinics need access to servers around the clock and cloud instances were left running 24/7.

Tristar soon discovered its strategy was proving prohibitively expensive. While the needs of its clinics were being met, the cost of its virtual desktop infrastructure (VDI) solution was unsustainable.

The rising OpEx costs meant Tristar had to scale down its instances and servers. “This led us to two conclusions. Either spend a large amount of capital upfront to increase the efficiency of our VDI solution, or automate and fine-tune our AWS servers to maximize output,” said Tristar CTO Dewald Botha.

Most organizations overprovision cloud resources and do not rightsize resources for their needs. Cloud instances are run 24/7 at a significant cost, when a large percentage of the time those resources are not in use.

The simplest solution is to schedule resources and switch off instances when they are not required and turn them back on when they are needed. Scheduling alone allows cloud users to make significant savings and dramatically reduce their monthly cloud bills, although complex hybrid cloud environments require an automated scheduling solution.

Tristar determined the easiest solution was to find an application that could be used to schedule instances and optimize cloud costs and searched for a suitable cloud cost management solution.

Various solutions were trialed, and while all offered the opportunity to eliminate inefficiencies and schedule resources, the most flexible and easy to use solution that achieved the greatest savings was provided by ParkMyCloud. After signing up for the free trial, Tristar discovered it was able to almost instantly reduce its AWS costs by between 40%-60%, depending on its operational needs.

With costs reduced and spending optimized, Tristar has been able to accelerate cloud migration and has now moved many of its current datacenter instances to AWS. By the time that process is completed, Tristar expects to be able to save around $20,000 a month on cloud costs – $240,000 a year.


TitanHQ’s WebTitan Now Available Through Kaseya IT Complete Suite

TitanHQ has announced its DNS-based web filtering solution, WebTitan, has now been integrated into Kaseya’s IT Complete platform. The integration allows MSPs serving the healthcare industry to offer their clients an additional layer of protection against web-based threats such as phishing, malware, and ransomware.

Via Kaseya, managed service providers can access cybersecurity solutions from some of the biggest names in the industry, including Cisco, Dell, and Bitdefender. While the platform provides MSPs with a wide range of easy-to-deploy cybersecurity solutions, one notable absence was an MSP-friendly content filtering solution.

“Security is a critical service that all MSPs must deliver. Adding WebTitan to our open ecosystem of partner solutions means our customers now have even greater access to best of breed technologies to meet the needs of their business,” said Frank Tisellano, Jr., Kaseya vice president product management and design. “With growing concerns over malware, ransomware and phishing as key threats to MSP customers, WebTitan adds a highly effective layer of protection.”

A web filtering solution is a powerful tool that allows healthcare organizations to block attempts by employees to visit malicious websites, either through the clicking of hyperlinks in phishing emails, general web browsing, or redirects to malicious sites via malvertising. A web filter is an important additional tool that helps to ensure the confidentiality, integrity, and availability of protected health information by blocking phishing attacks, malware, and ransomware downloads.

In the past month alone 10 email-based hacking incidents have been reported to OCR, with each incident resulting in the exposure of more than 500 healthcare records. The high volume of successful phishing attacks on healthcare employees highlights the need for advanced technological controls to prevent healthcare employees from visiting malicious websites and disclosing their account credentials.

Managed service providers can now access the multi-award-winning web filtering solution through Kaseya VSA and the Kaseya IT Complete Suite and deploy network-wide DNS-based web filtering in a matter of minutes, giving their healthcare clients even greater protection against malware, ransomware and phishing attacks.


FDA Issues Alert Over Vulnerabilities in Abbott Laboratories Defibrillators

The U.S. Food and Drug Administration has issued an alert about certain Abbott Laboratories implantable cardiac devices over cybersecurity vulnerabilities that could potentially be exploited to alter the functioning of the devices.

Certain implantable cardiac defibrillators (ICDs) and cardiac resynchronization therapy defibrillators (CRT-Ds) are affected, including the Current, Promote, Fortify, Quadra, Unify, and Ellipse families of products. The flaws do not exist on pacemakers or cardiac resynchronization pacemakers (CRT-Ps).

Exploitation of the vulnerabilities is possible using commercially available equipment that could be used to send commands to the devices via radio frequencies. For the vulnerabilities to be exploited, an attacker would need to be in relatively close proximity to the device.

Were an attack to happen, it would be possible to alter the function of the devices and cause them to deliver inappropriate pacing and shocks or cause the batteries to deplete prematurely. Exploitation of the vulnerabilities therefore has potential to cause harm to patients.

The vulnerabilities are being addressed with a firmware update. The FDA has assessed the update and confirmed that it mitigates the vulnerabilities and reduces the potential for harm to a reasonable level. After receiving the update, any device that attempts to connect to the ICD or CRT-D would need to provide authentication before any changes could be made.

Abbott Laboratories notes in a recent press release that there have been no reports of the vulnerabilities actually being exploited, and that the update is not an emergency measure but part of a series of planned updates to improve cybersecurity.

The firmware update also corrects an unrelated issue with the lithium ion batteries which can cause them to deplete rapidly, in some cases within a day. This is not caused by malicious actors; it is a problem with the batteries, which can form lithium deposits that create abnormal electrical connections. The update includes a new battery depletion alert that will be triggered if rapid battery depletion is detected, informing the patient that they must arrange to visit their physician as soon as possible.

The firmware update cannot be applied remotely. Patients must visit their provider to have their ICD or CRT-D updated.

The update will take approximately 3 minutes during which time the device will operate in backup VVI mode. High voltage therapy will be temporarily disabled and there is potential for the device to deliver no pacing for up to three seconds during the update.

Any firmware or software update has potential to cause a device to malfunction, although the risk is very low and a previous firmware update in August 2017 resulted in no serious malfunctions. In 0.62% of cases, the update was not applied in full. In such cases the issue was rapidly resolved with Technical Services. To reduce the risk of problems, a programmer update has been incorporated which should keep update errors to a minimal level.

Certain devices cannot accept the update due to technical limitations. A fix has been offered by Abbott Laboratories that involves switching off RF functionality via the Merlin@home programmer. While this fix will prevent any exploitation of the vulnerabilities, it would also prevent the device from sending data directly to the physician’s office. Consequently, the FDA recommends that RF functionality is not disabled.


Verizon PHI Breach Report Confirms Healthcare Has Major Problem with Insider Breaches

Verizon has released its annual Protected Health Information Breach Report which delves deep into the main causes of breaches, why they occur, the motivations of internal and external threat actors, and the main threats to the confidentiality, integrity, and availability of PHI.

For the report, Verizon analyzed 1,368 healthcare data breaches and incidents where protected health information (PHI) was exposed but not necessarily compromised. The data came from 27 countries, although three quarters of the breached entities were based in the United States where there are stricter requirements for reporting PHI incidents.

In contrast to all other industry sectors, the healthcare industry is unique as the biggest security threat comes from within. Insiders were responsible for almost 58% of all breaches with external actors confirmed as responsible for just 42% of incidents.

The main reason for insider breaches is financial gain. PHI is stolen to commit identity theft, credit card fraud, insurance fraud, and tax fraud. Verizon determined that 48% of all internal incidents were conducted for financial gain. 31% involved accessing medical data out of curiosity or for fun, 10% of incidents were attributed to easy access to data, with 3% of incidents occurring due to a grudge and a further 3% for espionage. External attacks are primarily conducted for financial gain – extortion and the theft and sale of data.

Verizon also looked at the actions that lead to PHI incidents and data breaches, with the most common problem being errors. Errors were behind 33.5% of incidents within this category, which included the misdelivery of emails and mailings, errors made disposing of PHI, publishing errors, loss of PHI, misconfigurations, programming mistakes and data entry errors. The main incident cause was misdelivery of documents, which accounted for 20% of all incidents in the error category.

The second biggest breach category is misuse, accounting for 29.5% of all incidents. 66% of incidents in this category were attributed to privilege abuse – accessing records without authorization. Data mishandling was behind 21.6% of incidents and possession abuse – the misuse of access to physical records – was behind 16.9% of incidents in the misuse category.

The physical category includes theft of records and devices, snooping, tampering, disabled controls, and surveillance. 16.3% of all healthcare PHI incidents were placed in this category, with theft accounting for 95.2% of all incidents. The theft of laptops was the main incident type. Almost half (47%) of laptop theft incidents involved the devices being taken from employees’ vehicles. The use of encryption would prevent the majority of these incidents from exposing PHI.

Hacking may make the headlines, but it accounted for relatively few breaches – just 14.8% of all healthcare PHI incidents were placed in this category. The main cause of breaches in the hacking category was the use of stolen credentials (49.3% of incidents), with credentials often stolen via phishing attacks. Brute force attacks taking advantage of weak passwords were behind 20.9% of incidents. 17.9% of hacking breaches involved the use of backdoors.

Malware was involved in 10.8% of all PHI incidents. While there were a wide range of malware types and variants used in attacks, by far the biggest category was ransomware, which accounted for 70.5% of attacks.

Social attacks accounted for 8% of all incidents. This category involves attacks on employees. Phishing was involved in 69.9% of incidents in this category, followed by pretexting (11.7%), and bribery (7.8%). Pretexting is the next stage on from phishing, when access to email accounts is used to send further emails – BEC attacks for example.

Verizon offers three suggestions which in the short term will help to reduce the number of PHI related incidents and data breaches.

Full disk encryption should be deployed on all portable electronic devices used to store PHI. This simple measure would prevent PHI from being accessed in the event of loss or theft of an electronic device.

The routine monitoring of medical record access – a requirement of HIPAA – will not prevent breaches, but it will reduce the severity of insider incidents and allow healthcare organizations to take corrective action quickly. When employees are aware that records are routinely monitored it can also act as a deterrent and reduce theft and unauthorized access incidents.
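As an added example (not part of Verizon's report or this article), the following Python script shows what routine access monitoring can look like in practice: it reviews constructed EHR audit lines for the insider patterns the report attributes to privilege abuse (access with no treatment relationship), emergency "break-glass" access that must be justified afterwards, and bulk-access volume spikes. The log format, user names, patient ids, roles and assignment table are all assumptions.

```python
"""Review EHR access audit logs for insider misuse patterns.

Added example: the log format, users, patient ids and assignments are constructed.
"""
import re
from collections import Counter, defaultdict
from datetime import datetime

# Constructed audit lines (hypothetical format: timestamp, user, role, patient, action).
SAMPLE_LOG = """\
2018-05-01T08:02:11 user=nurse.kim role=nurse patient=P1001 action=view
2018-05-01T08:05:40 user=nurse.kim role=nurse patient=P1002 action=update
2018-05-01T09:15:02 user=dr.patel role=physician patient=P1001 action=view
2018-05-01T09:20:30 user=dr.patel role=physician patient=P1002 action=break_glass
2018-05-01T12:30:55 user=billing.lee role=billing patient=P1001 action=view
2018-05-01T12:31:10 user=billing.lee role=billing patient=P1002 action=view
2018-05-01T12:31:20 user=billing.lee role=billing patient=P1003 action=view
2018-05-01T12:31:35 user=billing.lee role=billing patient=P1004 action=view
2018-05-01T22:47:03 user=nurse.kim role=nurse patient=P2099 action=view
"""

# Constructed treatment relationships: the patients each clinical user is assigned to.
ASSIGNMENTS = {
    "nurse.kim": {"P1001", "P1002"},
    "dr.patel": {"P1001", "P1003"},
}
# Roles outside the care team whose access is judged by volume rather than assignment.
NON_CLINICAL_ROLES = {"billing"}
# More distinct patient records than this in one clock hour is flagged for review.
VOLUME_THRESHOLD = 3

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) role=(?P<role>\S+) "
    r"patient=(?P<patient>\S+) action=(?P<action>\S+)$"
)


def parse_log(text):
    """Parse audit lines into dicts; reject malformed lines instead of silently skipping them."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if match is None:
            raise ValueError(f"unparseable audit line: {line!r}")
        event = match.groupdict()
        event["ts"] = datetime.fromisoformat(event["ts"])
        events.append(event)
    return events


def review_access(events, assignments, volume_threshold=VOLUME_THRESHOLD):
    """Return (kind, user, detail) findings for the three insider patterns."""
    findings = []
    patients_per_hour = defaultdict(set)
    for event in events:
        user, patient, role = event["user"], event["patient"], event["role"]
        assigned = patient in assignments.get(user, set())
        if event["action"] == "break_glass":
            # Emergency override is permitted, but every use is queued for after-the-fact review.
            findings.append(("break-glass-review", user, patient))
        elif role not in NON_CLINICAL_ROLES and not assigned:
            # Privilege abuse: a clinical user opened a record outside their care relationship.
            findings.append(("no-treatment-relationship", user, patient))
        hour = event["ts"].replace(minute=0, second=0, microsecond=0)
        patients_per_hour[(user, hour)].add(patient)
    for (user, hour), patients in sorted(patients_per_hour.items()):
        if len(patients) > volume_threshold:
            # Bulk access in a short window is the signature of data harvesting, not care delivery.
            findings.append(("volume-spike", user,
                             f"{len(patients)} patients in hour starting {hour.isoformat()}"))
    return findings


def summarize(findings):
    """Count findings by kind so a reviewer sees the shape of the day at a glance."""
    return Counter(kind for kind, _, _ in findings)


if __name__ == "__main__":
    results = review_access(parse_log(SAMPLE_LOG), ASSIGNMENTS)
    for kind, user, detail in results:
        print(f"{kind:26} {user:12} {detail}")
    print(dict(summarize(results)))
```

On the constructed log this produces one finding of each kind; in a real deployment the assignment table would be fed from the scheduling or admission system, and findings would be routed to a privacy officer rather than printed.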

The final course of action is to implement solutions to combat ransomware and malware. While defenses can and should involve the use of spam filters and web filters, simple measures can also be taken such as not allowing laptops to access the Internet if they are used to store large quantities of PHI.
