Every month, we compile the most compelling healthcare privacy and security related news stories. Below, you’ll learn about the top 10 children’s hospitals in the US, maintaining cybersecurity throughout a crisis, and more.
CISOs are no strangers to working remotely – in fact, 7% of Americans were working in dispersed teams before COVID-19 made its impact. But as a result of recent social distancing practices, more organizations have been transitioning any workers outside the front lines to remote work.
The sudden transition has brought security vulnerabilities to light throughout healthcare and other industries, where CISOs have been tasked with enhancing security protocols even further. Granting teams the potential to operate outside of their VPN or secure networks leaves organizations open to the potential of insider threats and other risks.
With a heightened interest in COVID-19 testing, patient statuses, and vaccine research, healthcare organizations are especially vulnerable to cybersecurity threats. To learn more about what security professionals can do to strengthen cybersecurity in a time of crisis, read the full CISO MAG article.
U.S. News & World Report has named the top 10 best children’s hospitals in the nation. The rankings were determined by survey data from 200 medical centers that rated patient safety, infection prevention, and nurse staffing, as well as data from over 15,000 pediatric specialists, who were asked which hospitals they would choose to send children in their specialty.
Among the top children’s hospitals in the United States are:
- Boston Children’s Hospital
- Texas Children’s Hospital (Houston)
- UPMC Children’s Hospital of Pittsburgh
Did your organization make the list? View the full article to read more about the best children’s hospitals in the country.
In his COVID-19 Planning for the Future discussion, Dr. Charles Alessi, Chief Clinical Officer of HIMSS, stressed the importance of encouraging open debate concerning the secondary use of data – and of maintaining privacy throughout a crisis.
“Is there an inevitable conflict between science and politics, and between technology and personal privacy?” asked Dr. Alessi. “To a degree there is, and to a degree there isn’t because the experiences of 1918 and 2020 show that in all those cases there has been a lot of discussion around the right of privacy, around rights of the person to the rest of the community.”
To learn more about the debate surrounding secondary use of data in healthcare throughout COVID-19 and beyond, read the full Healthcare IT News article.
Last month, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) issued guidance in the form of a list of resources to “detect, prevent, respond, and recover” from cyberthreats that have increased in the wake of COVID-19.
Because healthcare organizations are particularly vulnerable to cybersecurity threats from both insiders and outside actors looking to steal valuable data throughout the pandemic, the OCR encourages covered entities to read and leverage the resources they provided to strengthen healthcare cybersecurity throughout the crisis.
“While HIPAA covered entities and business associates are largely trying to focus on COVID-19 response, they should ensure that they continue to devote resources to ensuring good security practices to address the risks of new applications, technologies, and threats. The last thing anyone wants is to have to respond to a cyberattack in the midst of this COVID-19 crisis.” – Iliana Peters, Shareholder at Polsinelli and former Acting Deputy Director of the OCR
From January to May 2020, 171 large healthcare data breaches that impacted 3.6 million people have been reported to the Department of Health and Human Services (HHS). And although phishing incidents are a leading cause of these breaches, the largest incident stemmed from the theft of an unencrypted laptop, exposing health data from thousands of patients.
Of breaches affecting 500 individuals or more, 104 were caused by hacking or IT incidents, which affected roughly 2.7 million people. And among that number, 65 of those incidents were caused by phishing scams, impacting 2.1 million individuals.
To learn more about 2020’s healthcare breaches, read the full Healthcare Info Security article.