Software Integrity Blog

Archive for the 'Healthcare Security & Privacy' Category

 

Building security into connected medical devices

The FDA now recognizes UL 2900-2-1 and UL 2900-1, the first guidance that sets specific criteria for cyber security testing of connected medical devices.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security

 

SingHealth hit with ‘unprecedented’ cyber attack

After the SingHealth cyber attack, it took a week for attackers to steal the personal data of 1.5 million people—about a quarter of the city-state’s population.

Continue Reading...

Posted in Data Breach Security, Healthcare Security & Privacy

 

FDA adopts UL 2900-2-1, improves cyber security of connected medical devices

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security

 

Physician hackers: Healthcare security is in critical condition

FUD—fear, uncertainty, and doubt—is usually met with relentless mockery in the cyber security world, since it’s sometimes used to try to frighten people into buying a product.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security

 

6 recommendations for healthcare cybersecurity

Early last year, in response to the Cybersecurity Act of 2015, the US Department of Health and Human Services (HHS) established The Health Care Industry Cybersecurity Task Force. This month the task force published its recommendations to improve healthcare cybersecurity.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security

 

Sobering thoughts when a connected medical device is connected to you

I was recently confronted with a subject I’d considered professionally but never had to face personally: the security of connected medical devices.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security

 

Synopsys report finds the medical device industry vulnerable to attack

A new report investigates whether medical device makers and healthcare delivery organizations align on the need to address cyber security risks.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security

 

How to measure software security in the healthcare industry

In 2015, healthcare became the most attacked industry, replacing financial services. Since 2010, there have been at least eight healthcare industry breaches publically reported in the media. The 2016 Cyber Security Intelligence Index states that five of the eight breaches took place during the first half of 2015. During that period, over 100 million medical records were reportedly compromised. Misalignment between HIPAA and software security The Health Insurance Portability and Accountability Act (HIPAA) was passed in 1996. However, the compliance date of HIPAA’s Privacy Rule and Security Rule didn’t take effect until 2003. These rules were created as a way to implement and enforce industry-wide security safeguards on protected health information (PHI).

Continue Reading...

Posted in Healthcare Security & Privacy, Software Security Program

 

Responsible disclosure on a timetable

Continue Reading...

Posted in Healthcare Security & Privacy, Software Architecture & Design

 

Hacking medical devices: 5 ways to inoculate yourself from attacks

Healthcare companies must follow medical device security best practices to defend against attacks on devices and the networks and systems they connect to.

Continue Reading...

Posted in Healthcare Security & Privacy, Medical Device Security