In The Know

July 2017 – Cyber Security Summary

Posted by Julia Foster on August 4, 2017 in Blog

The number of healthcare data breaches in July was off the charts. At 46 breaches, July had the highest number of breaches in 2017! July accounts for 20.5% of all 2017 healthcare data breaches; to put that in perspective, before July there was an average of 25 breaches per month. The 46 breaches caused 572,678 records to be compromised. Contributing to these breaches were an identity theft scheme, a not-so-average phishing email, a threat that went undetected for over a year and a double attack.

Since the beginning of the year

Since the beginning of 2017, there have been 881 total data breaches causing almost 17 million records to be compromised. Out of those, the healthcare industry accounted for 224 breaches and about 3.5M records compromised. The healthcare industry experienced 25.4% of total breaches and 20.8% of records compromised.

 

Identity-Theft Scheme

Ten hard-copy medical records were stolen when the storage building of a county hospital in Oklahoma was broken into. On Thursday, July 20th, local authorities were able to connect the break-in to two individuals who were arrested in June 2017 for identity theft. The suspected thief worked for the county hospital as a licensed practical nurse. It is reported that, after leaving the hospital in early 2017, the suspect returned to the hospital to steal personal patient information. The ex-employee and accomplice were arrested after the discovery of evidence that linked the partners to numerous reported identity thefts totaling over $300,000. The hospital has taken all necessary steps to ensure the security of the building in the future and is offering the 10 affected patients free credit support.

 

‘Phishing’ for Cash

At the beginning of July, a university medical center in California reported a breach affecting nearly 15,000 people. Hackers gained access to medical center employees’ accounts through a phishing email. Once they gained access to the accounts, the hackers impersonated the account owners to send emails to other employees. The hack was discovered when the accounts were used to request large amounts of money. While there is no evidence to show personal information was acquired, the hackers had potential access to personal information such as names, addresses, phone numbers, medical record numbers, diagnoses and SSNs. The medical center is evaluating its security measures and offering identity and credit protection services to patients who were possibly affected.

 

15 months undetected

While investigating a recent ransomware attack, a Georgia-based neurological clinic found a 15-month breach. While the clinic was able to restore all information without paying a ransom, during the process they found that hackers had potential access to names, SSNs, driver’s licenses, addresses, phone numbers, medical data, prescriptions and health insurance information from February 2016 through May 2017. It is unknown if any of this personal information was accessed, but the clinic is offering identity theft protection services to patients affected by the breach.

 

Double Whammy

A senior living community reported a second ransomware attack on July 5th. The senior living community, located in Texas, originally reported a breach in May of this year. While investigating the original attack, they found a second ransomware attack. Luckily, the second attack was detected the same day it was discovered and they immediately took action and expanded their investigation to include the scope of the second attack. There is nothing suggesting that hackers accessed personal information, but they potentially had access to SSNs, driver’s license numbers, birth dates, addresses, phone numbers, medical record numbers, payment information, health insurance information, and clinical information related to residents.

 

Cyber Security Summary – June 2017

Posted by Julia Foster on July 18, 2017 in Blog, News

While June was less eventful than May, it was still a big month regarding healthcare cyber security.  June is right in line with the 2017 monthly median for healthcare data breaches, but it is almost three times over the monthly median for records compromised. In June 2017 there were 26 healthcare data breaches and approximately 661,055 individuals affected by these breaches.

Since the beginning of the year
From the beginning of January through the end of June, there have been a total of 12,389,462 records compromised and 791 data breaches. Of those data breaches, the healthcare industry, with 178 breaches and over 3 million records compromised, accounted for 22.5% of data breaches and 24.3% of records compromised.

 

Notable Incidents

Non-secure disposal of information
A Texas-based hospital notified patients about a possible security breach this month. This notification to patients was a result of a box of medical forms with PHI being found near an unsecured dumpster. This incident, which may have affected 1,842 patients, gave unauthorized access to patient information including names, birth dates, case numbers and phone numbers. It is unclear whether additional information, including mailing addresses, SSNs, health information and financial numbers, was included in these forms. While there is no evidence to show these forms are being used maliciously, the organization offered concerned patients one year of free credit monitoring and is reviewing its current processes of PHI disposal to make any necessary changes.

 

Compromised while making educational material
A children’s hospital in Missouri discovered a security threat through an unauthorized website that contained PHI collected by a hospital physician. The physician was using the information to create an educational resource. While the records were password protected, the hospital considered the security measures in place insufficient. If an unauthorized individual or group accessed the site, they would potentially have been able to access sensitive information including names, medical record numbers, gender, dates of birth, encounter number, age, height, weight, body mass index, admission dates, discharge dates, procedure dates, diagnostic and procedure codes, and brief notes. The hospital took down the website immediately after it was discovered.

Health records found on side of the road
A healthcare organization in Tennessee misplaced documents that contained patient names, dates of birth, admitting diagnoses, account numbers and physician names. Luckily these records were found on a rural road in the area.  Further investigation revealed that documents did not include SSNs or medical records.

 

Cyber Security Summary – May 2017

Posted by Julia Foster on June 16, 2017 in Blog, News

In the cyber security world, May was an extremely eventful month due to the largest ransomware attack to date, occurring worldwide. Luckily, this outbreak only had minimal effects on the United States healthcare industry. For cyber security in the US healthcare industry, May turned out to be a fairly average month in terms of total breaches, but extremely high when it comes to the number of records compromised. Throughout May there were approximately 30 healthcare breaches and 900,000 records compromised.* Some major cyber security breaches included the global WannaCry ransomware outbreak, TheDarkOverlord stealing (more) health records and a simple URL change exposing personal information.

 

From the Beginning of the Year:

Since the beginning of 2017 through May 2017, there have been 724 data breaches and nearly 11 million records compromised. The medical/healthcare industry accounts for 23% of records compromised, with nearly 2.5 million records, and 22% of breaches with 159 breaches.*

Major Cyber Security Activity

WannaCry

The WannaCry outbreak was the largest ransomware attack to date! Over the course of one weekend the virus infected approximately 200,000 computer systems in 150 different countries. The ransomware targeted vulnerabilities in Microsoft Windows computers. Britain’s National Health System runs on Windows XP, making its hospitals one of WannaCry’s largest victims. Over 40 U.K. hospitals’ systems were paralyzed by the attack. While the WannaCry attack did not hit healthcare systems in the US as hard, it was reported that numerous US medical devices were infected.

Although the attack affected so many different computer systems, it is reported that the hackers only made $50,000, which is a rather small amount for the high quantity of systems they took control of (for reference, in 2016 a hospital in Hollywood paid $17,000 to a hacker to release one system). Luckily, the attack was stopped by a hacker group known as “Shadow Brokers” and any new waves of WannaCry are not as harmful as the original.

TheDarkOverlord… is back

The hacker known as TheDarkOverlord is back. This particular hacker or hacker group (it is still unknown if TheDarkOverlord is working alone or as a group), who is responsible for numerous other healthcare attacks including the breach of 9.3 million records from a health insurer, stole and released 180,000 patient healthcare records. These records were stolen from a New York based dentist, California’s OC Gastrocare and a Surgery Center in Florida. In TheDarkOverlord fashion, these records were made accessible to the public on Twitter. The database of records contained information such as medical conditions, insurer details, Social Security numbers, birth dates, and payment information. TheDarkOverlord does not only specialize in extorting healthcare organizations; they are also credited with leaking the newest season of Netflix’s show, Orange is the New Black.

A Simple URL Change

A glitch in a large healthcare organization’s online patient portal was giving unauthorized access to patient information with a simple change of a URL. While this problem was reported in April 2017, it was not entirely fixed until May. In April a patient portal user reported that when looking at their personal health records, they were able to access others’ records without a username or password by changing a number in the web address. When accessing these records, users could see names, birthdates, addresses and information that may point to specific diseases. Once the issue was brought to light the organization immediately shut down the patient portal and corrected the problem.

*Values are approximate, based on a report released on June 6th, 2017 by the Identity Theft Resource Center

Sources:

http://www.idtheftcenter.org/

http://www.breitbart.com/big-government/2017/05/15/top-15-things-to-know-about-the-wannacry-global-ransomware-hacker-attack/

https://www.databreaches.net/

http://variety.com/2017/digital/news/orange-is-the-new-black-season-5-hackers-leak-explained-netflix-1202406623/

http://www.healthcareitnews.com/news/thedarkoverlord-honors-threat-exposes-180000-patient-records

http://www.healthcarefinancenews.com/news/molina-healthcare-shuts-down-online-patient-portal-over-potential-data-breach

 

April 2017 Cyber Security Summary

Posted by Julia Foster on May 4, 2017 in Blog

After the crazy month of March, the cyber security world seemed to settle down a little bit in April. April consisted of 21 total healthcare breaches and 122,877 records compromised which included a stolen laptop, a stolen vehicle, and a ransomware attack.

Since the beginning of the year:

So far 2017 has had 558 total data breaches and almost 10 million records compromised! The healthcare industry has accounted for around 23% of those with 126 healthcare breaches and around 1.5 million records!

 

Some notable attacks included:

Stolen Laptop

A large health system in Rhode Island has notified over 20,000 patients of compromised personal information. The information was accessed from an unprotected laptop that was stolen from an employee’s car. The laptop was used to store emails that may have contained patient information including names, medical record numbers, demographic information, and prescribed medications. At this time, there is no indication that the information has been used by the hackers.

Ransomware Attack

Last month, a small practice in Kentucky was attacked by cyber criminals. Their system was placed under a ransomware attack which resulted in their patients’ ePHI being encrypted. Almost 20,000 patients’ records were encrypted and inaccessible, but after two days of system downtime, the practice was able to recover the encrypted data from backups. Luckily, the practice did not have to pay the ransom that the hackers were demanding since the system was backed up.

Stolen Vehicle

In Montana, a health screening provider had to notify over 15,000 patients of a data breach after a facility-owned vehicle was stolen on the way to a health fair. The stolen vehicle contained a flash drive holding demographic information of health fair participants. Although there is no evidence of the information being misused, the organization offered a credit monitoring service to those affected.


Egg-stremely, Egg-cellent ICD-10 Codes for Easter

Posted by Julia Foster on April 14, 2017 in Blog

Spring brings Easter, and like most holidays there are ICD-10 codes for the occasion. Keep an eye out for these codes:

Egg #2

R73.9 - Hyperglycemia, unspecified
You might be needing this code after eating an Easter basket full of chocolate and jelly beans.

Egg #3

W01.0XXA - Fall on same level from slipping, tripping and stumbling
One of the greatest Easter pastimes is egg hunts. Be careful you don’t slip, trip or stumble while looking for the golden egg.

Egg #1

F40.218 - Animal type phobia
Face it, kids aren’t the only ones afraid of the giant bunny at the mall.

Egg #5

Z91.012 - Allergy to eggs
If you didn’t know it before, you might discover this allergy.

Egg #4

W61.33XA - Pecked by chicken
Baby animals, including chicks, are icons of Easter.

 

March 2017 Cyber Security Summary

Posted by Julia Foster on April 6, 2017 in Blog

 


March has been the most eventful month for healthcare cyber security since the beginning of the year. With 27 individual breaches, the number of records compromised in March was more than triple the number of records compromised in January and February combined! Some of the most notable breaches include a former employee stealing records, a ransomware attack, and a phishing scam.

What Happened in March

Cyber Security Breaches in 2017:

So far in 2017, there have been 410 total data breaches, and 99 of those have been healthcare related. There have been 6,862,337 total records compromised this year, with 22% of them being in the healthcare industry.

Notable breaches in March:

2017 Largest Data Breach
With almost 700,000 records compromised, a Kentucky healthcare facility had the largest healthcare data breach this year. The breach occurred when a former employee obtained, without authorization, patient information on an encrypted CD and an encrypted USB drive. The information on the drive included names, addresses, Social Security numbers, and insurance information. The investigation indicates that she “intended to use these records to assist in the development of a computer-based tool for an outside business interest which had never been disclosed to the hospital.”

Ransomware Attack
A medical center in Austin notified nearly 300,000 of their patients of a data breach incident that took place at their facility. The breach was caused by a ransomware attack on the system. Luckily, the attack was detected early, so it did not cause too much harm to the system. However, the hackers still had the potential to access names, addresses, dates of birth, Social Security information and medical information. Many times these types of attacks are not intended to misuse the patient information, but to lock the hospital out and force them to pay a ransom to regain access. The medical center still decided to provide identity theft monitoring services as an extra caution for patients.

‘Phishy’ Emails
A number of employee email accounts were compromised at a hospital in Washington due to a phishing attack. Phishing emails are sent in an attempt to trick users into revealing sensitive information. In this case, the hackers were able to gain access to over 80,000 patients’ information. The attack was not discovered for more than seven weeks after it occurred, giving the attackers lots of time to access or steal information. The hospital has notified the patients who were affected and is also taking steps to reeducate their employees on the dangers of phishing emails.

 


Health Information Professional (HIP) ‘Fill in the Code’ Challenge

Posted by Julia Foster on March 24, 2017 in Blog, News

Health Information Professionals Week is March 26th – April 1st, 2017! In honor of HIP week, Excite Health Partners will be hosting HIP Week ‘Fill in the Code’ Challenge. Enter each day for your chance to win a $10 gift card or the grand prize, pictured below!

 
The Details

Each weekday during HIP Week at 3:00 pm (EST), we will post a joke on our Facebook, Twitter and Instagram pages with one word missing. The missing word will be replaced with an ICD-10 code. You can participate by telling us what the missing word is. Each daily winner will receive a $10 gift card to their choice of Dunkin’ Donuts, Starbucks or Panera Bread. All correct answers will be submitted into a drawing for the daily prize, and all daily entries will be combined for the grand prize drawing. The grand prize winner will be selected April 3rd at 3:00 pm EST.

 

 

How to enter & the rules

To enter the contest, message us your answer. Answers must be sent before the following day at 3:00 pm EST when the next joke is posted. You may only answer once a day, but you can receive up to 3 additional daily entries by tagging friends in daily posts (1 entry per tagged friend and the same friend cannot be tagged more than once). Make sure you like our Facebook page, follow us on Twitter and follow us on Instagram. Good Luck! Email info@excitehp.com if you have any questions!

 

 

The Grand Prize

The grand prize, which is pictured above, includes a Vera Bradley beach tote,  Kate Spade sticky note set, a waterproof Bluetooth speaker, beach towel, Essie spring mini collect, Starbucks tumbler, light blue Rtic tumbler and more!

February 2017 Cyber Security Summary

Posted by Julia Foster on March 8, 2017 in Blog, News

February consisted of a ransom attack, a break-in and a breach from inside the system, all of which contributed to 21 total healthcare breaches and nearly 80,000 records compromised.

Since the beginning of the year:

There have been 1,288,302 million total records compromised since the beginning of 2017, and over half of them have been healthcare records. Of the 279 total data breaches, 72 of them have occurred in the healthcare field.

February’s most notable healthcare breaches:

The Internal Employees
A pair of patient transporters accessed over 3,000 medical records from a university-based hospital in Tennessee. The two employees looked at 3,247 medical records between May 2015 and December 2016. They were able to see personal information such as demographics, medical record numbers, and social security numbers. As of now, there is no evidence that the information was downloaded or printed. However, the medical center is still taking proper precautions and sending letters to patients notifying them of the breach.

Appointment System
A Georgia-based health system fell victim to a ransomware attack that included almost 80,000 patients’ records. The information was accessed through the system’s appointment software “Waits and Delays.” The hackers were able to remove the appointments database and then demanded a ransom to restore the site. It is not evident if the health system paid it or not. The information stolen included names, dates of birth, contact information and appointment information. Since becoming aware of the breach, the hospital has notified all of the patients who were affected by the breach and encouraged them to keep an eye on their financial statements and credit reports.

Break In
7,000 patient records were stolen during a break-in at a healthcare provider’s office in Kansas. The break-in had occurred at approximately 5:00 am before the facility opened. The intruder gained access by breaking a window and stole a desktop computer and a printer. The computer contained many non-encrypted appointment notes dating back to 2002 and 2003. The information in the notes varied, but some consisted of names, dates of birth and diagnoses and orders.


Health Information Professionals (HIP) Week 2017 – March 26th-April 1st

Posted by Julia Foster on March 6, 2017 in Blog

2017 marks the 27th annual Health Information Professionals (HIP) week. This week, which according to AHIMA.org, “is a showcase for the thousands of health information management (HIM) professionals who perform their duties masterfully throughout the year,” will be held March 26th, 2017- April 1st, 2017.

This week is sponsored by The American Health Information Association (AHIMA). This year’s theme will be “Leading the way to quality data.” To celebrate this week, Excite Health Partners will be hosting the HIP Week ‘Fill in the Code’ Challenge. Participate for your chance to win 1 of 5 daily prizes and/or the grand prize!

5 Topics & Launches from HIMSS17

Posted by Julia Foster on March 3, 2017 in Blog

The hustle and bustle of over 40,000 attendees, 1,200 vendors and 300 sessions at HIMSS17 ended just last week. With everything going on, there is a chance you may have missed something. Here are five topics and launches from HIMSS17.

1

While there were many topics being discussed at the 4-day event, attendees have had a hard time pinpointing what issues dominated the conference. Just like the world of HIT, HIMSS17 had a lot going on; here is what some of the buzz was all about:

  1. Cybersecurity
    As we know, security breaches in the healthcare industry are in the headlines every day, making it a no-brainer that this would be a hot topic at the conference. HIMSS felt cybersecurity was so important they dedicated a full-day event, the Cybersecurity Forum, to the topic. While cybersecurity has been a hot topic for a couple of years, this year the conversations turned to medical devices. According to Marty Edwards, director of the Industrial Control Systems Cyber Emergency Response Team at the Department of Homeland Security, “It is only a matter of time before we see a major event affecting patients involving medical device cybersecurity.”
  2. Interoperability
    Interoperability was a huge focus at last year’s conference. While cybersecurity seemed to be bigger this year, interoperability was still a primary focus for many attendees, vendors, and speakers. While significant progress has been made regarding interoperability, it may not be happening as quickly as we would all have liked. HIMSS17 left us feeling optimistic; progress is still coming and at a steady rate!
  3. Big Data and Analytics
    According to Paul Black, CEO of Allscripts, “I expected and saw the spotlight on the transformation of Big Data into more meaningful, usable analytics.” The discussion revolved a lot around how to manage patient responsibility, connectivity to communication platforms, and even interventions when necessary.
  4. Value-Based Care
    HIT professionals were looking for tools and solutions to operationalize value-based care and payments. They were also looking for ways to increase patient engagement and enhance the patient experience.
  5. Telehealth
    There is no doubt telehealth is up and coming. Many forces are driving the expanded use of telehealth services including the reduction of the spread of contagious viruses/sicknesses, access for rural communities, and cost reduction.

2

With so many Health IT professionals under the same roof, there is no better place than HIMSS to launch or demo a new product. There were quite a few product launches and demos throughout the show; here are some of our favorites:

  1. App Orchard - Epic
    The highly-anticipated launch of App Orchard, Epic’s app store, finally happened at HIMSS17. According to Epic’s website, “The App Orchard is where developers can learn about Epic’s APIs and list their apps for Epic community members to explore and access.”
  2. Healthy Hospital - McKesson
    McKesson had lots of new products to demo during the show, one of those being Healthy Hospital. According to a press release, “Healthy Hospital is a new program that uses advanced analytics to help providers benchmark key revenue cycle metrics, and identify areas where they can accelerate or otherwise improve financial performance.”
  3. Touchstone - Medisolv
    Touchstone, which is a comprehensive benchmarking software tool that can be utilized by hospitals and physicians for the measurement of quality and safety, will be available early summer. Touchstone, according to medisolv.org, is “the first benchmarking software of its kind for hospital eCQMs in the cloud.”
  4. DS8100-HC series scanners and TC51-HC mobile computers - Zebra Technologies
    Zebra Technologies released scanners and mobile computers that, according to a press release, “can foster clinical collaboration for staffers and drive better operational efficiencies, while also supporting the five rights of medication administration to help increase patient safety.”
  5. ClaimStaker - Alpha II
    Alpha II released ClaimStaker, a claims editing software. According to their site, “ClaimStaker, is the most comprehensive clinical claim and encounter scrubbing tool available today.”
