Medical Device Cybersecurity Issues Found in GE Devices

A new cybersecurity flaw in GE imaging and ultrasound devices was discovered by CyberMDX. The flaw potentially allows unauthorized individuals remote access to the devices. More details on the medical device cybersecurity issues are discussed. GE Medical Device Cybersecurity The GE medical device cybersecurity vulnerability, deemed “MDhex-Ray,” was announced by the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) early this month. MDhex-Ray potentially affects [...]

2023-04-06T14:02:37-04:00December 14th, 2020|

Hackers Demand Ransom from Patients After Healthcare Provider Refuses to Pay

Hackers demand ransom from patients after a hacked Finnish healthcare provider declined to pay the ransom for the return of patient files. More details are discussed. What Caused Hackers to Demand Ransom From Patients Vastaamo, a Finnish organization that serves 40,000 patients with 22 locations across Finland, was targeted by hackers. Through the ransomware attack, hackers were able to access the psychotherapy [...]

2023-04-06T14:02:56-04:00November 6th, 2020|

Attorney General HIPAA Settlement Reached For Improper Disposal of ePHI

The Wakefern Food Corp., and two of its ShopRite supermarkets, have reached an Attorney General HIPAA settlement with the state of New Jersey and the New Jersey Division of Consumer Affairs. But what led to the Attorney General HIPAA settlement? More details are discussed below. Attorney General HIPAA Settlement for HIPAA Violations In 2016, Wakefern replaced devices in the pharmacies of two [...]

2023-04-06T14:02:56-04:00November 5th, 2020|

Cybersecurity Challenges of Working Remotely

As working remotely has become the new normal, businesses need to adjust their cybersecurity practices to account for the unique issues remote work poses to security. A recently released report from the Ponemon Institute uncovered the cybersecurity challenges of working remotely, and provided tips for increasing security in a remote environment. The results of the study, as well as tips to increase cybersecurity are discussed. Cybersecurity Challenges of [...]

2023-04-06T14:16:35-04:00October 28th, 2020|

Geisinger Latest Victim of Blackbaud Breach

The Blackbaud breach has been the subject of headlines for weeks, and Geisinger was one of their clients. Geisinger recently announced that the Blackbaud breach affected 86,412 of the healthcare organization’s patients. More details on the Blackbaud breach and Geisinger are discussed below. Blackbaud Breach Claims 6.3 Million Victims Before we discuss what happened with Geisinger, it is important to understand how [...]

2023-04-06T14:16:37-04:00October 22nd, 2020|

Is LiveChat HIPAA Compliant?

LiveChat is a customer service software platform that provides online chat, web analytics, and help desk services.These can be useful tools for any business, but as a healthcare organization, you must ensure that the software is HIPAA compliant. Is LiveChat HIPAA compliant? The answer to this is discussed below. Is LiveChat HIPAA Compliant: Security Features When LiveChat is used by a healthcare [...]

2023-04-06T14:16:40-04:00October 15th, 2020|

Lawsuit Claims EHR Violated HIPAA Right of Access

A lawsuit filed by Sherry Russell claims that HealthAlliance Hospital and Ciox Health denied access to her deceased husband’s medical records. If her claims are true, the healthcare organizations violated the HIPAA right of access provision. More details about the lawsuit are discussed below. HIPAA Right of Access Violation Sherry Russell requested her deceased husband’s medical records so that she may file [...]

2023-04-06T14:16:51-04:00September 23rd, 2020|

Are Search Engines Compromising PHI Security?

It was recently discovered that advancements in search engine capability may pose a risk to PHI security. Researchers from American College of Radiology (ACR), Radiological Society of North America (RSNA), and Society for Imaging Informatics in Medicine (SIIM) warned healthcare professionals and radiologists of the risk of using medical images for educational purposes. How Can Search Engines Identify Medical Images Optical Character [...]

2023-04-06T14:16:58-04:00September 8th, 2020|

New OCR Guidance on Completing a Risk Assessment

Recently, to provide HIPAA covered entities and business associates with assistance in completing their risk assessments, the Office for Civil Rights (OCR) released guidance. The OCR guidance lays out a detailed list of IT asset inventory steps that should be taken when completing a risk analysis. More details on the OCR guidance are discussed below. Compliancy Group offers clients a full HIPAA [...]

2023-04-06T14:17:02-04:00August 27th, 2020|

HIPAA Compliant Texting and Email

As more organizations continue to work remotely, they are relying on texting and email as means of communication. For organizations that work in healthcare, it is important to determine if the communication tool they use is HIPAA compliant. HIPAA compliant texting solutions and email platforms are discussed below. HIPAA Compliant Texting and Email: What You Need to Know An essential component of HIPAA is ensuring the confidentiality, integrity, and [...]

2023-04-06T14:17:10-04:00August 10th, 2020|