Video Screencast Help
Healthcare Online User Group
Showing posts tagged with Critical System Protection
Showing posts in English
Axel Wirth | 26 Aug 2014 | 0 comments

Why this post?

Over the past few months we have seen a number of reports on breaches of healthcare organizations and medical device manufacturers where the suspected or documented target was intellectual property data related to medical devices.  Some of these recent cases have received wide press coverage.

As a result, the FBI has issued a warning to US healthcare companies that they may be the target of further cyberattacks (FBI warns healthcare firms they are targeted by hackers). The document indicated that several companies in the sector had been targeted and intellectual property, rather than personal data or PHI, may be the main target of the attacks.

"These actors have also been seen targeting multiple companies in the healthcare and medical device industry typically targeting valuable intellectual property...

Axel Wirth | 14 Jul 2014 | 0 comments

In cooperation with the ECRI Institute, AAMI (Association for the Advancement of Medical Instrumentation) just published their 2014 report on  "Executive Insights on Healthcare Technology Safety”.  Cybersecurity of Medical Devices came in as one of the top five identified technology risks! The full report can be found here: http://www.aami.org/aami-ecri/Tech%20Trends%202014.pdf 

Specifically, the report advises healthcare delivery organizations and manufacturers to take cybersecurity seriously as they are building their integrated networks of medical devices by, for example, performing security assessments. Further, they need to realize that “doing this the right way requires huge amounts of resources to test and secure the networks and devices before deployment”.

The report states that the security failures in healthcare are mistakes of a long gone era in other verticals, concluding...

Axel Wirth | 09 Apr 2014 | 0 comments

As far as TV shows are concerned, there are a number of them which my now grown kids and us, the parents, equally enjoy; for example most recently Breaking Bad. But then there are some, where … well, let me phrase it politely, the older generation does not quite see eye to eye with the younger. The Walking Dead would fall into that category; I am definitely not getting the point.

Or maybe it is that I am dealing with too many Walking Dead, meaning ugly things you just can’t kill, during my day job? And as of today, there is another one to add to that list – the official end of support of Windows XP. And a big one that is.

After 12 years in the market, Windows XP certainly is established well and, not surprisingly, its end does not come easy:

  • According to a CNN Money article from March, 95% of bank ATMs are running on Windows XP (although other articles have placed the number somewhat lower at 60% or 75%, respectively, but still).
  • The total number...
David Finn | 11 Feb 2014 | 0 comments

One of the great things about being the Health IT Officer at a big security firm is that no one really knows what you do.  I get to slip quietly back and forth between customers who are dealing with the reality, to sales teams, or to product teams and to marketers, to Symantec partners (both real and imagined), to software and hardware vendors and to industry associations.  It gives you a bigger view of what is going on.  And it is impossible to think of the bigger picture in Health IT without thinking of HIMSS Annual Conference.  And it is never bigger than when it is in Orlando!

Recently I got some information from HIMSS regarding the upcoming HIMSS14 and topics that attendees will be focused on.  They had a great infographic that included a section showing what topics people would be looking for at HIMSS.  All the usual suspects were there:  MU, ICD-10, Analytics, HIE, mHealth, Interoperability, EHR, Privacy and Security . . . ...

Axel Wirth | 21 Jan 2014 | 1 comment

Yahoo!7 News Australia just published a noteworthy article: "Cyber attacks: pharmacies, patient records targeted 'ransomware' attacks" (17-Jan-2014), highlighting a worrisome trend of using Ransomware to specifically attack medical institutions, encrypt critical data (pharmacy records in this case) in place and demand a ransom in exchange for the encryption key.

Although we have seen these types of attacks before (Express Script, 2008; Virginia Health Professions Database, 2009; or Surgeons...

Axel Wirth | 11 Nov 2013 | 0 comments

Granted, there are easier to decipher acronyms than the one describing the Manufacturer Disclosure Statement for Medical Device Security, short MDS2. The initial version was developed in 2008 through a cooperation of NEMA (National Electrical Manufacturers Association) and HIMSS’ (Health Information and Management Systems Society) Medical Device Security Task Force, in collaboration with multiple industry associations, government agencies and other stakeholders. It provided a basic, 3-page form allowing medical device manufacturers to describe to their customers, i.e. the hospitals, the basic security and privacy properties of a specific medical device; things like the operating system and version, type of network connection, the ability of the operator to install antivirus software, or what PHI (Protected Health Information) is stored on the device and whether it is transient or permanent.

Although the form fulfilled its purpose, there was also some criticism on this...

David Finn | 29 Oct 2012 | 1 comment

The demand for professionals to fill health IT jobs continues, as noted in this recent article, in AllVoices: ”The U.S. Department of Labor has earmarked both healthcare and information technology as two job sectors that are expected to show real growth in the next few years, but when the two are combined, the job prospects soar.” I asked one of our HIMSS e-Executive Mentors and former HIMSS Board member, David Finn, to share his perspective on the health IT job market.  It all comes down to leadership . . . my comments can be found on the HIMSS Blog at:

http://blog.himss.org/2012/10/26/health-it-jobs-a-...

David Finn | 03 Apr 2012 | 0 comments

At the Jefferson Memorial you find a lot of Jefferson’s writings - - as opposed to Lincoln’s, for example (one thing that makes sense in Washington, DC).  One of them says this:  “I am not an advocate for frequent changes in laws and constitutions, but laws and institutions must go hand in hand with the progress of the human mind.” 

One of my very first IT assignments was to write the coding standards for a major university - - we did all our own development at that time and were about to completely re-do all major systems (billing, collections, records and registration, scheduling, grading - - everything).  My writing experience had previously been journalistic or for the theatre.  So, I started asking people who had more experience.  First stop was a very senior manager who pointed to two shelves full of three inch, three ring binders on his bookshelf.  “Here’s a good example,” he said, “of...

David Finn | 22 Jan 2012 | 0 comments

Well, this is the time of year when everyone involved in health information technology, directly and indirectly, from the providers, payers, government, banking, venture capitalists and vendors begin to turn their attention to HIMSS.  This year HIMSS is in Las Vegas - -  after a long absence from this venue.  For many years, Vegas didn’t have the classroom capacity required but that has changed and HIMSS will be making a return engagement in February.  First, remember we’re on a new schedule this year Monday through Friday (February 20 – February 24).

If you haven’t booked rooms or travel, get on it!  If you haven’t registered better get that done, too.  And then start working on your “dance card”.  The days fill up fast and five days at CHIME & HIMSS disappears very quickly.  And that is just educational sessions, booth visits and professional association meetings or Symposia.  Don...