Frederick Regional Health System recently disclosed a phishing incident that compromised an undiclosed number of hospice patients’ personal and protected health information. Here is their notification, first reported by the Frederick News-Post. Frederick Regional Health System is committed to protecting the security and confidentiality of our patients’ information. Regrettably, this notice is to inform our…
Search Results for: HCA
Critical flaw lets hackers control lifesaving devices implanted inside patients
Dan Goodin reports: The federal government on Thursday warned of a serious flaw in Medtronic cardio defibrillators that allows attackers to use radio communications to surreptitiously take full control of the lifesaving devices after they are implanted in a patient. Defibrillators are small, surgically implanted devices that deliver electrical shocks to treat potentially fatal irregular…
Thousands of health records and doctor’s notes were exposed daily
Zack Whittaker reports: A health tech company was leaking thousands of doctor’s notes, medical records, and prescriptions daily after a security lapse left a server without a password. The little-known software company, California-based Meditab, bills itself as one of the leading electronic medical records software makers for hospitals, doctor’s offices, and pharmacies. The company, among other…
Some job applicants are first learning about the May, 2018 JobScience breach. Why?
In November, 2018, this site noted a breach disclosed by Huntsville Hospital involving JobScience, Inc., a vendor providing online job application services. On November 10, we reported that other entities were also affected, such as Tallahassee Memorial Hospital, who had been notified in September by JobScience, and NorthBay Healthcare Corp., who were notified in October….
Hackers Love to Strike on Saturday – Redscan report
Mathew J. Schwartz reports: If you had to guess what day of the week a hacker will hit your organization, the answer might seem obvious: Hackers prefer to strike on Saturday. Research conducted by managed security service provider Redscan confirms it. The firm filed a freedom of information request with the U.K.’s privacy watchdog, seeking…
Businesses lag on data breach response times
I’ve recently commented a few times on delays to notification in the healthcare sector. Out-Law.com has a piece on data breach response times in the U.K. that provides some useful comparisons. Businesses in the UK took an average of 21 days to report personal data breaches they had identified to the Information Commissioner’s Office (ICO)…