Cygilant Blog

Why is Compliance Important to the Healthcare Industry?

Posted by Shawn O'Brien on Nov 7, 2016

It's critical that health care companies are in compliance with federal and state regulations.

Do you know what the HIPAA Security Rule is? What about the Privacy Rule? If you're a health provider, it's paramount that you understand both of these regulations; otherwise, you could end up like a number of health companies - in a financial mess.


"It's paramount that you understand what HIPAA's Security and Privacy Rules are, respectively."

Take St. Elizabeth's Medical Center in Brighton, Massachusetts, which broke HIPAA's Security Rule by violating regulations regarding electronic Protected Health Information, according to Elizabeth Snell of Health Security.

Healthcare Organizations Are Under Cyber Attack

Posted by Shawn O'Brien on Aug 23, 2016

The healthcare industry just keeps getting hammered by cybercriminals in 2016. The reality for healthcare organizations is that cyber attacks are now part of their everyday business and that the best option is to improve their cyber defenses in order to better protect themselves.


According to the third annual Experian 2016 Data Breach Industry Forecast report, 91% of all healthcare organizations reported at least one data breach in the last two years. What makes them such prime targets is the price of the valuable information they have. According to this same report, “medical records are worth up to 10 times more than credit card numbers on the black market.”

Data Breaches in the Medical Industry: How MedTech Companies Are Becoming More Vulnerable

Posted by Kevin Landt on May 26, 2016


In early 2016, high-profile ransomware attacks on hospitals—a cybersecurity trend EiQ has posted about before—demonstrated that profit-minded hackers are now targeting the medical industry. Recent incidents show that medtech companies will continue to be at risk of cyber attacks unless they invest in proactive solutions such as network security monitoring.


Below is a review of recent medical technology compromises, along with an exploration into why this is happening and what medtech companies can do to protect themselves.

Why Medical Facilities Are Growing Targets of Cyber Attacks

Posted by Kevin Landt on Apr 1, 2016


The California hospital hack in February brought even more awareness to the fact that the medical industry is increasingly a prime target for hackers. That raises two serious questions for decision-makers in healthcare: why is this happening, and what can facilities do about it?


What the California Hospital Hack Means for the Healthcare Industry

Posted by Shawn O'Brien on Mar 11, 2016


The healthcare industry is more at risk of cyber attacks than ever. In February 2016, hackers sabotaged a California hospital and demanded a substantial ransom to stop holding the medical center's systems hostage. The attack reveals how dangerous cyber criminals can be—going so far as to put lives at risk for monetary gain—and it serves as a reminder that the healthcare industry needs to improve its current approach to cybersecurity.


Hackers are Targeting Healthcare in 2016: Here’s Why

Posted by Trevan Marden on Feb 10, 2016


One year ago, Anthem announced a massive data breach, starting what would be a year that saw more large-scale hacker-related healthcare breaches than ever before. Premera also disclosed a massive breach shortly after, followed by several other notable names, with millions of individuals affected. In 2015, “the top six hacker attacks [in healthcare] affected a combined total of 90 million individuals,” according to a recent article citing the U.S. Dept. of Health and Human Services. In fact, research from the Ponemon Institute shows that criminal activity is now the leading cause of data breaches in healthcare. The Ponemon study also reveals that “criminal attacks in healthcare are up 125 percent since 2010.” There’s no reason to think this trend will stop anytime soon.


Let’s look at some of the reasons behind the trend:

Avoiding Fatal Mistakes: How SMEs in Healthcare Can Learn from the Anthem Breach

Posted by Kevin Landt on Jan 27, 2016


The breach of Anthem Insurance is a story that small and medium-sized enterprises in the healthcare industry can learn from so that they avoid facing the same fate as the health insurer. Here’s a look at how the hack happened and how two basic security tools—network security monitoring and encryption—would have protected Anthem.

Protected Health Information Risk Not Limited to Healthcare Industry

Posted by Trevan Marden on Jan 8, 2016

You may be aware that criminal activity is now the leading cause of data breaches for healthcare, according to a recent study by the Ponemon Institute. But you may not realize that other industries are also susceptible to data breaches involving protected health information. In fact, the recent Verizon 2015 Protected Health Information Data Breach Report concludes that 90% of industries have experienced a breach of protected health information.

These Are the Most Vulnerable Industries for Cyberattacks

Posted by Kevin Landt on Oct 23, 2015

As more nation-state actors get into the hacking game, businesses and governments become more interested in which industries are the most vulnerable. To answer that question, you have to ask which are inherently the most vulnerable, which are the most desirable for hackers, and where do the two meet?


A lot of hacking is devoted to making money, communicating a message, or just making a mess. Cyberwarfare, however, has only ever really happened if you count the Stuxnet attack on Iran’s nuclear program, which actually succeeded in creating physical damage. But it seems safe to say nation-states—your own and others, both friendly and not—are going to be as interested in cyberwarfare as they are in cyber-espionage.

How Does HIPAA Affect Cybersecurity? Here's What You Need to Know

Posted by Security Steve on Oct 16, 2015

Most of us know the HIPAA Privacy Rule primarily as that document you sign when you go to the pharmacist. But if your business is in the health industry or intersects with it, HIPAA is a great deal more than that. Even if you aren’t directly connected to this sector, it's helpful to understand the ramifications of digital privacy and security.


Earlier this year, the Cancer Care Group, an Indiana-based oncology practice, got hit with a $750,000 fine for a breach of patient information from an unsecured device. This underscores the need for healthcare-oriented sites to pay particular attention to online security.


This lack of fundamental digital security by the medical practice was not just a breach of basic security practice but of the Health Insurance Portability and Accountability Act of 1996, specifically the HIPAA Privacy Rule. In other words, Cancer Care Group broke the law by not having a privacy policy in place.
