Video Screencast Help
Healthcare Online User Group
Showing posts in English
Axel Wirth | 11 Nov 2013 | 0 comments

Granted, there are easier to decipher acronyms than the one describing the Manufacturer Disclosure Statement for Medical Device Security, short MDS2. The initial version was developed in 2008 through a cooperation of NEMA (National Electrical Manufacturers Association) and HIMSS’ (Health Information and Management Systems Society) Medical Device Security Task Force, in collaboration with multiple industry associations, government agencies and other stakeholders. It provided a basic, 3-page form allowing medical device manufacturers to describe to their customers, i.e. the hospitals, the basic security and privacy properties of a specific medical device; things like the operating system and version, type of network connection, the ability of the operator to install antivirus software, or what PHI (Protected Health Information) is stored on the device and whether it is transient or permanent.

Although the form fulfilled its purpose, there was also some criticism on this...

Karalee Serra | 11 Oct 2013 | 0 comments

There’s a growing concern in the medical device industry: cybersecurity. The FDA has now issued new recommendations for regulation. Security researchers have published serious vulnerabilities, and patient safety is at stake. Bad publicity and potentially huge financial consequences are on the horizon. Are you ready?

Axel Wirth, Symantec's expert on medical device security, will be your guide through this 90 minute intense review covering threat landscapes and cybersecurity risks, as well as how to discover and evaluate cybersecurity protection programs in your setting, and how to develop new programs to fit your ongoing needs.

For More Details >>

Karalee Serra | 27 Sep 2013 | 2 comments

Learn what you can do today to protect your medical devices from attacks and malware while manufacturers start to provide devices with improved security posture. If you missed our recent webinar, click here to view the archived edition.

Karalee Serra | 27 Sep 2013 | 0 comments

mHealth security panelists wonder, can a hacked medical device kill you?
The depiction of a U.S. vice president killed by his hacked pacemaker on the Showtime series "Homeland" may be a bit too fantastic for those in the mHealth industry to take seriously, but the potential exists. Continue reading the full article >>

Karalee Serra | 10 Jul 2013 | 0 comments

Healthcare Cybersecurity Threat Worrisome but Theoretical - For Now
On June 13, the FDA released a document titled, "FDA Safety Communication: Cybersecurity for Medical Devices and Hospital Networks." Major news networks such as CNN and The Economist reported on the standard-issue release with pronounced alarm. The document outlines, in broad terms, a list of security risks that can be found in medical devices. In a related release, Homeland Security’s ICS-CERT (Industrial Control Systems Cyber Emergency Response Team) reported that two researchers found a hard-coded password vulnerability that might leave as many as 300 medical devices, many of which perform life-critical functions, prone to exploitation. Scary stuff, indeed. Continue reading the full article >>

Karalee Serra | 21 Jun 2013 | 0 comments

Regulations initially cause organizations to spend more funds on data breaches, but eventually those rules could save enterprises money, the Ponemon Institute's Larry Ponemon says in analyzing his latest study on breach costs. The 2013 Cost of Data Breach Study, which the institute conducted for IT security provider Symantec, pegs the average global cost of a data breach at $136 a record in 2012, up $6 from in 2011. The study estimated the breach cost per record in the United States averaged $188 in 2012, down from $194 in 2011. The study, issued earlier this month, says human errors and system problems caused about two-thirds of data breaches, and that contributed to the worldwide increase in costs.

Continue reading the full article >>

David Finn | 09 Jun 2013 | 1 comment

We've been talking about the alignment of healthcare and banking (Financial Services and Health Insurance payers) since the Affordable Care Act (ACA) passed . . . it actually happens in 2014 and here is the beginning of Medical Banking. A new report from the Workgroup for Electronic Data Interchange (attached) covers the new electronic fund transfer and electronic remittance advice HIPAA transactions that were mandated in January 2014.

Under the Affordable Care Act, health plans must support EFT upon provider request, and Medicare will require its use. Reform-authorized “operating rules” to make the EFT and ERA transactions more standardized also take effect in January.

The report walks through the EFT and ERA regulations, explains how business processes will change for health care organizations and their trading partners, and gives examples of best practices for implementing the transactions and their operating rules.

David Finn | 24 Dec 2012 | 0 comments

Well, if you are like me, you were hoping that maybe December would slow down a bit and you could get caught up.  I remember when it used to work like that - - not so much anymore.  So, now that Christmas Eve is upon us, I'm trying to catch up with the blog I was supposed to have done two weeks ago.  I didn't get that done because I was at the 1st HIMSS Privacy and Security Forum . . . and now that it is over.  I can talk about it.

Which brings me to the title of this blog:  “What do Catie the Lobby Dog and the HIMSS Privacy and Security Forum have in common?”  Here's a bit of a clue - - Catie is actually Catie Copley, Canine Ambassador (her title comes right from her business card) at the Fairmont Copley Plaza in Boston. And if you haven't figured it out, yet, that is where HIMSS had its first ever Privacy and Security Forum. Anyhow, it was a great conference with a broad range of nationally-recognized...

David Finn | 29 Oct 2012 | 1 comment

The demand for professionals to fill health IT jobs continues, as noted in this recent article, in AllVoices: ”The U.S. Department of Labor has earmarked both healthcare and information technology as two job sectors that are expected to show real growth in the next few years, but when the two are combined, the job prospects soar.” I asked one of our HIMSS e-Executive Mentors and former HIMSS Board member, David Finn, to share his perspective on the health IT job market.  It all comes down to leadership . . . my comments can be found on the HIMSS Blog at:

http://blog.himss.org/2012/10/26/health-it-jobs-a-...

Axel Wirth | 08 Oct 2012 | 4 comments

We can rightfully assume that everybody who uses a computer or mobile device to connect to the Internet, whether for personal or professional reasons, is aware of the impact of hackers and malware on our online experience. Even if we have not personally been hacked, we are only too aware of the defenses we have to put in place to protect our identities, our information, and our equipment. Anti-Malware software on our devices, spam filters for our email, firewalls to protect our networks, etc. We need to pay for them, maintain them, and we need them to allow us to do what we need to, or enjoy doing – interacting with social media, web surfing, communicating, shopping, studying, and more.

Yet, the U.S. government just told us there is another thing to worry about. Those of us who use implanted electronic medical devices, like pacemakers, neuro-stimulators, or insulin pumps, were just told that these devices, just like our computers or smartphones, may be at risk of being...