Top TEN Health Organizations Slammed by Cyber Breaches
Last year, the FBI released a private notice to the healthcare industry warning providers that their cybersecurity systems are lax compared to other industries, according to Reuters.
The notice reportedly stated, “The healthcare industry is not as resilient to cyber intrusions compared to financial and retail sectors, therefore the possibilities of increased cyber intrusions is likely.”
Considering the recent outbreak of major breaches affecting the industry, it appears that those concerns were warranted. The healthcare industry accounted for 43% of major data breaches reported in 2014, according to the Identity Theft Resource Center.
While 2015 data are not yet available, the steady stream of cybersecurity breaches has continued, and many organizations have already reported major breaches. Here are 10 recent victims.
Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

Your Ashley Madison Account
[Paul recommends to read this email]
But … don’t fall for it!
I just received this email message from sharingservices@aol.com:
******************************************************************
Unfortunately your data was leaked in the recent hacking of Ashley Madison and I know have your information. I have also used your user profile to find your Facebook page, using this I can now message all of your friends and family members.
If you would like to prevent me from sharing this dirt info with all of your friends and family members (and perhaps even your employers too?) then you need to send 1 bitcoin to the following BTC address.
Bitcoin Address:
1AEJiZFnELwRZVjmVSvDSwUaXNZy4X9bQN
You may be wondering why should you and what will prevent other people from doing the same, in short you now know to change your privacy settings in Facebook so no one can view your friends/family list. So go ahead and update that now (I have a copy if you don’t pay) to stop any future emails like this.
You can buy bitcoin using online exchanges easily. If the bitcoin is not paid within 3 days of 23 Sep 2015 then my system will automatically message all of your friends and family members. The bitcoin address is unique to you.
Consider how expensive a divorce lawyer is. If you are no longer in a committed relationship then think about how this will affect your social standing amongst family and friends. What will your friends and family think about you?
Sincerely,
Paul
******************************************************************
Object lesson to all ME-P readers and subscribers
After review, I noted the following faults with this blast message:
* No sender last name.
* Sender blast email service
* Multiple email addresses
* Poor grammar
* I do not have – or ever had – a Facebook account
* I do not have – or ever had – an AM account
Don’t fall for this ploy. Forewarned is forearmed.
Dr. David E. Marcinko MBA
Breach immunity – the winners and the losers
The consequences of getting caught sharing medical records without patients’ permission depend on who is asking.
The loser:
“State board proposes discipline for University of Oregon psychologist over record release in rape case.” By The Associated Press, for The Register-Guard, Salem, Oregon, September 25, 2015.
http://registerguard.com/rg/news/local/33546539-75/story.csp
SALEM — A state licensing board is proposing a $5,000 fine, a reprimand and ethics training for the head of the University of Oregon’s counseling office.
The proposed discipline, announced Friday, stems from allegations that Shelly Kerr released a student’s counseling records to the UO’s lawyers without the student’s permission. The student sought counseling after she said she was raped by three basketball players.
The Board of Psychologist Examiners says Kerr violated rules requiring psychologists to protect the confidentiality of counseling records.
The university agreed to an $800,000 settlement with the student in May.
UO spokesman Tobin Klinger says the university is surprised and disappointed by the disciplinary decision. Klinger says Kerr is expected to request a hearing at which an administrative law judge would review the proposed discipline.
—————————–
The winner:
“DEA gives Henry Schein’s MicroMD a federal search warrant for Patient Data.” By Justin Shafer for My Dental Blog, September 27, 2015.
http://justinshafer.blogspot.com/2015/09/dea-gives-henry-scheins-micromd-federal.html
DEA gives Henry Schein’s MicroMD a federal search warrant for Patient Data. Henry Schein complies.
Norton Community Care was raided by the DEA, but after the raid, the DEA wanted records on certain patients who were prescribed oxycodone and they got that data from the doctors cloud based EMR. I am not sure what happened exactly, but it sounds like after the raid, the docs wanted data only to find that data was “on the cloud”. CORRECTION: I guess the DEA requested it before the raid.
Perhaps customers using the cloud for their PMS, should request a private encryption key feature that only they know, to keep prying eyes out of their database.
Better IT security might have prevented the DEA from getting the patient data (disk encryption and setting a backend database password for starters), but when that data is NOT in YOUR control, then you are not going to have that much POWER.
(Shafer includes photos of relevant legal documents including the search warrant application and Schein’s signed consent).
—————————–
Schein’s apparent uncontested willingness to help the DEA breach American citizens’ medical records reminds me of AT&T’s notorious participation in the NSA’s blanket surveillance of Americans’ phone conversations.
Though I don’t know what AT&T was offered for cooperating, there is an apparent conflict of interest worth $4.3 billion to Schein: “Henry Schein gets contract to modernize U.S. military health records.” Written by Ken Schachter for Newsday, August 20, 2015.
http://www.newsday.com/business/henry-schein-gets-contract-to-modernize-us-military-health-records-1.10755453
Some might claim Schein’s software is working exactly as stakeholders planned – long, long ago.
D. Kellus Pruitt DDS
Healthcare under attack
If you like watching political train wrecks develop, notice how HIT is going terribly wrong – even while Obama pushes to penalize providers who still store patients’ valuable personal information in loud, bulky, metal filing cabinets:
“Healthcare under attack as data theft rates surge – The health and care industries are progressively coming under attack from cybercriminals as the value of people’s health data skyrockets.”
Carl Leonard
[Principal security analyst at Raytheon]
October 15, 2015
http://www.theinformationdaily.com/2015/10/15/healthcare-under-attack-as-data-theft-rates-surge
D. Kellus Pruitt DDS
Avoid the “Cloud”
This may sound counterintuitive as the cloud is one of the biggest digital products around; especially for EHRs. But, there’s a good argument to be made that anything can be hacked.
The Snowden leaks have shown that even the most secure networks have probably been infiltrated. So, if you have private or patient data you don’t want exposed, it’s probably best to back it up locally instead of on a big company’s cloud.
Inge
Paper: The gold standard of security
“Russian government turns back to the typewriter for security – MOSCOW — A Russian state service in charge of safeguarding Kremlin communications is looking to purchase an array of old-fashioned typewriters to prevent leaks from computer hardware, sources said Thursday.” By AFP, July 13, 2013 (more).
http://www.sourcenewspapers.com/articles/2013/07/13/news/doc51e00c2ad4ccb361032785.txt?viewmode=fullstory
More recently:
“Want to thwart govt spies? Use snail mail, Assange says – “Wikileaks founder Julian Assange advised journalists to use the regular postal service instead of email to avoid government surveillance…” By RT America, October 25, 2015
https://www.rt.com/news/319616-assange-snail-mail-spies/
Darrell Pruitt DDS
PAY-UP
The FBI recommends that you pay up if hackers infect your computer with ransomware.
http://www.msn.com/en-us/news/technology/the-fbi-recommends-that-you-pay-up-if-hackers-infect-your-computer-with-ransomware/ar-BBms6pX?li=AAa0dzB&ocid=U348DHP
Glenn
Ransomware in the wild west
“FBI’s Advice on Ransomware? Just Pay The Ransom – In-brief: The nation’s top law enforcement agency is warning companies that they may not be able to get their data back from cyber criminals who use Cryptolocker, Cryptowall and other malware without paying a ransom.” Posted by Paul on SecurityLedger.com, October 22, 2015.
https://securityledger.com/2015/10/fbis-advice-on-cryptolocker-just-pay-the-ransom/
After telling SecurityLedger that cryptolocker’s encryption cannot be beat – “The ransomware is that good” – Joseph Bonavolonta, Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program, added, “The amount of money made by these criminals is enormous and that’s because the overwhelming majority of institutions just pay the ransom.”
Welcome to the frontier – beyond the reach of law enforcement.
DK Pruitt
“The top 5 IT security threats for 2016.”
[By Bev Robb, IT consultant for Power More]
Dell.com, December 29, 2015
https://powermore.dell.com/technology/top-5-security-threats-2016/
1. More online extortion using ransomware
2. More Internet of Things (IoT) attacks
3. More hacktivist activity with strategic campaigns
4. More stealth techniques to hide evidence of threat actor attacks
5. More health record-related data breaches perpetrated by insiders.
DK Pruitt
‘Unprecedented’ cyberattack hits 200K in 150 countries
Friday’s cyber attack hit 200,000 victims in at least 150 countries, the head of the European Union’s police agency said on Sunday, adding he feared that number would grow when people return to work on Monday.
http://www.msn.com/en-us/news/technology/monday-morning-blues-as-wannacry-hits-at-workweeks-start/ar-BBB8zqS?OCID=ansmsnnews11
Europol Director Rob Wainwright told ITV’s Peston on Sunday that what was unique about the attack was that the ransomware was used in combination with “a worm functionality” so the infection spread automatically.
CNBC