The pandemic has raised the ante significantly for the attack surface and the level of insider threats facing healthcare sector entities, according to Dave Bailey, vice president of security services, and attorney Andrew Mahler, vice president of privacy and compliance, of consultancy CynergisTek.
A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
A proposed class action lawsuit against a Montana-based healthcare organization after a recent hacking incident affecting 214,000 individuals - the entity's second significant breach since 2019 - alleges, among other claims, that the entity was negligent when it failed to protect sensitive data.
A healthcare services contractor agrees to pay a $933,000 settlement in a whistleblower case about alleged false claims about the security of electronic medical records of military personnel and diplomats. It is the first settlement under the Department of Justice's new Civil Cyber-Fraud Initiative.
The $1.5 trillion fiscal 2022 spending bill approved this week by Congress provides modest funding increases - far below what was requested - for two key Department of Health and Human Services' agencies involved with the protection of health data. It is headed to President Biden for his signature.
Monongalia Health System, a West Virginia-based entity that reported a phishing breach in December, affecting nearly 399,000 individuals, this week reported a separate security incident that appears to have potentially involved ransomware. Are the incidents related?
Gaps in federal regulations concerning the security and privacy of health data falling outside HIPAA's umbrella are getting filled to some extent by various state laws. But that's creating additional challenges, says privacy attorney Kirk Nahra of the law firm WilmerHale.
A Montana-based healthcare organization is notifying nearly 214,000 individuals of a hacking incident affecting patients, employees and business associates. The breach - described as a "sophisticated criminal attack" - is the second major hacking incident reported by the entity since 2019.
A Seattle, Washington-based community health center operator is facing a class action lawsuit in the aftermath of a data exfiltration incident reported last year as affecting more than 650,000 individuals. The breach also involved data allegedly found posted for sale on the Marketo data leak site.
Bipartisan legislation introduced by two U.S. senators aims to kick-start the modernization of "outdated" health privacy laws by creating a commission to examine regulatory gaps, including how to address health data falling outside of HIPAA's reach.
Michael Hamilton, CISO at security firm Critical Insight, discusses health data breach trends. The bad news: The number of major breaches reported to regulators in 2021 hit a record high. The good news: The rate of breaches reported last year compared to 2020 appears to be slowing down.
As ransomware and other disruptive security incidents continue to surge, cyberattacks rank as the top health technology hazard in hospital environments this year, say security experts Chad Waters and Juuso Leinonen of patient safety organization ECRI.
Cyberattacks remain a critical security concern - and a top patient safety hazard - for the healthcare and public health sector in 2022, federal authorities and other experts warned this week. Will recent takedowns of ransomware criminal gang members by law enforcement agencies help?
Federal regulators have released the final versions of the long-awaited Trusted Exchange Framework and Common Agreement, which provide a governance framework to promote secure, interoperable nationwide health information exchange - an effort that has been in the making for years.
Due to the rapid digital transformation healthcare has undergone, the healthcare industry is facing a fundamentally new threat landscape. Providers need to understand the challenges ahead, the problems they will face and most importantly how to solve these issues.
Read this report to learn: