New Jersey-based hospital group Capital Health is dealing with a network outage, caused by a cyberattack earlier this week, which is affecting some patient services. Capital Health is at least the second healthcare provider in the Garden State responding to a cyberattack this week.
New York regulators are warning millions of individuals of identity theft risks involving a data theft at a medical transcriber that has now affected patients of at least two major healthcare groups, including Crouse Health and Northwell Health in the state. Lawsuits in the case are also piling up.
As Congress weighs potential legislative and regulatory guardrails for the use of AI in healthcare, issues such as human oversight, privacy and security risk need close attention, said healthcare industry experts who testified during a House Energy and Commerce subcommittee hearing on Wednesday.
Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.
Tennessee-based Ardent Health Services, which operates dozens of hospitals and other healthcare facilities in several states, said on Monday that it is dealing with a ransomware attack that has forced the entity to divert some patients and cancel or reschedule certain procedures.
The tally of individuals whose health data was compromised in a hack on MOVEit file transfer software used by Welltok, a provider of online wellness resources to dozens of health plans, has soared to nearly 8.5 million. The hack is among the biggest health data breaches reported so far this year.
President Joe Biden's recent executive order for artificial intelligence encourages investment in AI while setting a vision for a regulatory framework to address issues involving AI technology safety, bias and other concerns in healthcare, said attorney Wendell Bartnick of the law firm Reed Smith.
Despite the high frequency of major health data breaches involving vendors, many healthcare sector entities remain lax in their approach to manage and reduce third-party security risk, said Glen Braden, CIO and principal of compliance auditing firm Attest Health Care Advisors.
AI is being used "by everyone" these days, including by malicious nation-state actors, and that is raising the level of threats and risks facing hospitals and other healthcare entities, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Exciting advancements in medicine through the use of AI are already happening, and many more are in the pipeline. But they need to be approached carefully and vetted properly for risk, said Dr. Eric Liederman, medical informatics and national privacy and security leader at Kaiser Permanente.
A new guide from the Cybersecurity and Infrastructure Security Agency aims to help healthcare and public health sector entities get a much tighter grip on managing serious risks posed by the most troublesome types of vulnerabilities threatening the beleaguered industry.
Federal regulators have smacked a New York medical center with an $80,000 penalty as part of a settlement for a HIPAA privacy breach involving the information of three patients that was exposed to a reporter and distributed nationally during press coverage in the early days of the COVID-19 pandemic.
The chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his company.
The estates of two deceased UnitedHealthcare Medicare Advantage policyholders allege in a proposed federal class action lawsuit filed this week that the insurance giant is using an AI tool to illegally deny necessary coverage for post-acute care, such as skilled nursing, to elderly plan members.
The number of healthcare organizations and patients affected by a recent data theft at medical transcription firm Perry Johnson & Associates is expanding: The company now says the breach affected the sensitive information of about 9 million people.