Document Download
Global
Cybersecurity:
Keeping You Informed
A Message from David Widmann, President and CEO, Konica Minolta Healthcare Americas, Inc.
Konica Minolta Healthcare Americas is committed to providing exceptional healthcare solutions to our customers by deploying cutting edge software, systems, and services. We know that our customers depend on us, now more than ever as we face not only a pandemic but also persistent cybersecurity threats in healthcare.
We are continuously vigilant and take cybersecurity seriously, understanding that surfacing these risks is the responsibility of all of us. This site is developed as a resource for our customers to share information relevant to securing patient data in your operations.
A Message for our Customers
As the Covered Entity your company has the responsibility to protect its PACS system (Exa server) and all interconnecting networks that house PHI data. Please ensure that your organization has the appropriate physical security and cybersecurity deployed to safeguard your PHI data from breach or ransomware. These measures should be aligned to your organizations risk acceptance and privacy rule standards, under the HIPAA regulatory requirements, from the Department of Health and Human Services (“HHS”).
These safeguards are (but not limited to):
- Reasonable perimeter security (area access restrictions).
- Appropriate network segmentation.
- Multiple firewalls and routers.
- Data encryption at any points of PHI. “At rest” and “in transit”.
- Appropriate endpoint protection. AV / Malware protection, Endpoint Detection and Response EDR.
- An appropriate Disaster Recovery and Business Continuity (DRBC) plan that is tested regularly to ensure it will work properly in the event of ransomware attack or system failure.
At no time should you have port 104 (or any other port) open directly to the internet without a robust and up to date VPN that uses 256 AES data encryption.
Security & Privacy Environments
-
February 1, 2021
ecFirst Download File
HIPAA Fundamentals – An introduction to the fundamentals of HIPAA compliance.
-
February 1, 2021
ecFirst Download File
HIPAA Covered Entities – An Infographic
-
February 1, 2021
ecFirst Download File
HIPAA Business Associate — An Infographic
-
February 1, 2021
U.S. Department of Health & Human Services Download File
HIPAA Security Rule Crosswalk to NIST Cybersecurity Framework
-
May 3, 2020
U.S. Department of Health & Human Services Download File
Summary of the HIPAA Privacy Rule – Who is covered? What information is protected? How protected health information can be used and disclosed?
Cybersecurity Education & Training
-
April 11, 2021
U.S. Cybersecurity & Infrastructure Security Agency Website Link
CISA Security Tip (ST19-001) — Protecting Against Ransomware
-
February 1, 2021
ecFirst Download File
Ransomware: Fast Facts – An Infographic
-
February 1, 2021
U.S. Department of Health & Human Services Website Link
Ransomware Guidance from U.S. Department of Health & Human Services
-
February 1, 2021
U.S. Department of Health & Human Services Download File
Quick-Response Checklist from the HHS, Office for Civil Rights (OCR)
-
June 7, 2011
U.S. Department of Health & Human Services Download File
Cyber Attack Quick Response
Best Practices
-
February 23, 2021
ACR Bulletin: Recovery ModeAmerican College of Radiology Website Link
Cyber attacks have ramped up in recent years, and radiology practices must be prepared to respond decisively to potential breaches.
-
June 27, 2019
ACR Bulletin: Under AttackAmerican College of Radiology Website Link
Radiologists must make cyber security a priority to protect their businesses and patient data.
Current CVE’s
Current Common Vulnerabilities and Exposures (CVE) Information and Investigations for Konica Minolta Products
-
July 21, 2021
U.S. Cybersecurity & Infrastructure Security Agency (CISA) Website Link
PrintNightmare (CVE-2021-34527) – Critical Windows Print Spooler Vulnerability
KMHA is aware of the vulnerability CVE-2021-34527, named “PrintNightmare”. Information on the PrintNightmare vulnerability can be found at the link below.
KMHA is actively assessing products that utilize impacted Microsoft operating systems to determine possible impact. Additional information will be available upon completion of patch testing once complete.
Please Contact the Call Center 1 (800) 945-0456 to inquire about this vulnerability and any impact to your Konica Minolta System.
Cybersecurity Related Alerts, News & Updates
-
Vulnerability Summary for the Week of October 18, 2021on October 25, 2021 at 11:07 am
Original release date: October 25, 2021 High Vulnerabilities Primary Vendor -- Product Description Published […]
-
Vulnerability Summary for the Week of October 11, 2021on October 18, 2021 at 11:23 am
Original release date: October 18, 2021 High Vulnerabilities Primary Vendor -- Product Description Published […]
-
Vulnerability Summary for the Week of October 4, 2021on October 11, 2021 at 2:14 pm
Original release date: October 11, 2021 High Vulnerabilities Primary Vendor -- Product Description Published […]
-
Vulnerability Summary for the Week of September 27, 2021on October 4, 2021 at 10:47 am
Original release date: October 4, 2021 High Vulnerabilities Primary Vendor -- Product Description Published […]
For all CISA mailing lists and feeds see their website.
Contact Konica Minolta Healthcare Americas about Cybersecurity
AeroDR®, AeroSync®, DRYPRO®, FlexDR®, IMAGEPILOT®, informity®, IQUE®, PrintLink®, REGIUS®, SONIMAGE®, and Xpress CR® are registered marks of Konica Minolta Healthcare Americas, Inc.
AeroRemote™, KDR™, SKR™, SNIBLE™, SNV™, T2HI™, VIRSERBEST™, VIZION™, EXA™ and OPAL-RAD™ are registered trademarks of Konica Minolta Healthcare Americas, Inc.