All posts in category Privacy and Security

Securing API-based Access to Patient Data

By EHRA Standards & Interoperability Workgroup

One of the goals of the 21st Century Cures Act’s health IT provisions was to enable patients to have secure access to their electronic health information using Application Programming Interfaces (APIs). The Office of the National Coordinator for Health IT (ONC) advanced that objective when it published its May 2020 Final Rule, which specifies HL7(R) FHIR(R)-based standards that health IT developers (as well as provider organizations developing their own solutions) will be expected to implement so that patient can access their health data using apps of their choice, connected to APIs. But how can patients be assured that their health information is secure once it leaves the EHR? 

Health data are among an individual’s most sensitive information, obligating all members of the healthcare community to protect patient privacy by ensuring secure data exchange. This blog post will review how the ONC standards for patient access can enable best practices to securely share patient health data.

(more…)
Leave a comment
by EHR Association on March 15, 2021  •  Permalink
Posted in Health IT Regulation, Health IT Standards, Interoperability, Privacy and Security

Posted by EHR Association on March 15, 2021

https://ehrablog.org/2021/03/15/securing-api-based-access-to-patient-data/

Cyberattacks Increase in the Time of COVID-19

By Justin Armstrong, Chair, and Nam Nguyen, Vice Chair
EHRA Privacy & Security Workgroup

For COVID-19 resources for health IT developers and other stakeholders, click here.

As part of National Cybersecurity Awareness Month, EHRA is highlighting three alarming trends in cyberattacks that have arisen since the beginning of the COVID-19 pandemic that health organizations should pay special attention to:

  1. Increases in COVID-19 themed cyberattacks
  2. Increased risk of exploitation with more employees working from home
  3. Increase in targeting of COVID-19 research and vaccine development
(more…)
Leave a comment
by EHR Association on October 15, 2020  •  Permalink
Posted in COVID-19, Privacy and Security

Posted by EHR Association on October 15, 2020

https://ehrablog.org/2020/10/15/cyberattacks-increase-in-the-time-of-covid-19/

Protecting Your Organization and Yourself from Coronavirus-Related Scams and Malware

By Justin Armstrong
Chair, EHRA Privacy & Security Workgroup

For updated COVID-19 resources for health IT developers and other stakeholders, click here.

Untitled design(5)In the midst of a healthcare crisis like COVID-19, the furthest things from the minds of many may be cybersecurity. However, now is the time for a heightened alert level. Attackers frequently take advantage of current news and distracted organizations, and the COVID-19 crisis is no different. 

Forbes reports that “there are now more than 40,000 ‘high-risk’ COVID-19 threats on the web.” Hackers have already attacked or attempted attacks on the U.S. Department of Health & Human Services, the World Health Organization, a vaccine test center, hospitals, a public health department, and other healthcare organizations in the U.S. and around the world. The increase in teleworking opens up new avenues of risk

(more…)

1 Comment
by EHR Association on April 30, 2020  •  Permalink
Posted in COVID-19, Privacy and Security

Posted by EHR Association on April 30, 2020

https://ehrablog.org/2020/04/30/protecting-your-organization-and-yourself-from-coronavirus-related-scams-and-malware/

Recruiting Healthcare Cybersecurity Staff Takes Creativity

By Justin Armstrong
Chair, EHRA Privacy & Security Workgroup

Cybersecurity help wanted(2)It’s not news that, from the front line security analyst to the CISO level, there’s a shortage of skilled healthcare cybersecurity staff.  

Thankfully, interest in cybersecurity has never been greater! There is a career in cybersecurity to fit every personality, temperament, and level of technical acumen. Some positions require intense focus and deep technical knowledge, while others require interpersonal skills.

How can you find talent in such a tight market? There are several good avenues.

(more…)

Leave a comment
by EHR Association on February 13, 2020  •  Permalink
Posted in Privacy and Security

Posted by EHR Association on February 13, 2020

https://ehrablog.org/2020/02/13/recruiting-healthcare-cybersecurity-staff-takes-creativity/

Ransomware Trends, the $64,000 Question, and Preparedness

ransomware

By the EHRA Privacy & Security Workgroup

One of the latest ransomware variants making the rounds is Ryuk. It’s deployed using malware believed to be managed by Russian criminal groups with code names “Wizard Spider” and “Grim Spider” (learn more here).

Ransomware Trends

The Crowdstrike 2019 Global Threat Report highlights disturbing new trends that make cyberattacks increasingly difficult to detect and block without more advanced tools. These include:

(more…)

Leave a comment
by EHR Association on October 29, 2019  •  Permalink
Posted in Privacy and Security

Posted by EHR Association on October 29, 2019

https://ehrablog.org/2019/10/29/ransomware-trends-the-64000-question-and-preparedness/

Preventing Malware Infections Starts With Good Cyber Hygiene

By the EHRA Privacy & Security Workgroup

Danger enter keyJust as healthcare clinical staff recognize the value of good physical hygiene to prevent infection, good cyber hygiene can prevent malware infections. 

The number one preventative step? Staff vigilance. Everyone must be careful with clicks — whether it be an email, website link, or file attachment. Even as we’re inundated with information in today’s fast-paced digital world, taking the time to think before you click is just as important in preventing digital infections as washing hands between patients is in preventing bacterial infection.

(more…)

2 Comments
by EHR Association on October 22, 2019  •  Permalink
Posted in Privacy and Security

Posted by EHR Association on October 22, 2019

https://ehrablog.org/2019/10/22/preventing-malware-infections-starts-with-good-cyber-hygiene/

« Older Posts

  • Categories

  • Follow EHRA on Twitter

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 169 other followers

  • Contact Us

    Kristi Feliksik
    kfeliksik @ ehra.org

    Elinore Boeke
    Communications and Media
    elinore @ kecommunications.net