A Tennessee pediatric hospital is dealing with a cyber incident disrupting patient services, and a Missouri medical center and Colorado cardiology group have reported breaches linked to their recent security events. Experts say these are reminders of the threats facing healthcare sector entities.
A proposed class action lawsuit against a Montana-based healthcare organization after a recent hacking incident affecting 214,000 individuals - the entity's second significant breach since 2019 - alleges, among other claims, that the entity was negligent when it failed to protect sensitive data.
The $1.5 trillion fiscal 2022 spending bill approved this week by Congress provides modest funding increases - far below what was requested - for two key Department of Health and Human Services' agencies involved with the protection of health data. It is headed to President Biden for his signature.
Despite the drumbeat that began about a decade ago for healthcare entities to bolster their identity and access management, it is still an "incredibly weak" area for many, Lee Kim of HIMSS says. She discusses the effects of cyberattack trends and the Ukraine-Russia War on healthcare organizations.
Monongalia Health System, a West Virginia-based entity that reported a phishing breach in December, affecting nearly 399,000 individuals, this week reported a separate security incident that appears to have potentially involved ransomware. Are the incidents related?
The federal agency enforcing HIPAA is urging covered entities and business associates to sharpen their focus on protecting their organizations against cyberattacks. The agency has also laid out a list of priorities for rule-making, enforcement and other activities in 2022.
Gaps in federal regulations concerning the security and privacy of health data falling outside HIPAA's umbrella are getting filled to some extent by various state laws. But that's creating additional challenges, says privacy attorney Kirk Nahra of the law firm WilmerHale.
A Montana-based healthcare organization is notifying nearly 214,000 individuals of a hacking incident affecting patients, employees and business associates. The breach - described as a "sophisticated criminal attack" - is the second major hacking incident reported by the entity since 2019.
A Seattle, Washington-based community health center operator is facing a class action lawsuit in the aftermath of a data exfiltration incident reported last year as affecting more than 650,000 individuals. The breach also involved data allegedly found posted for sale on the Marketo data leak site.
A consolidated legal case that includes allegations of embezzlement, trade secret theft and intimidation offers an inside look at a complicated and messy alleged insider breach reported last year by a Texas-based accountable care organization.
Hefty proposed settlements have been reached in class action lawsuits involving two separate health data breaches affecting millions of individuals. The incidents were reported by a Texas-based administrative services vendor in 2021 and a Puerto Rico-based clearinghouse in 2019.
Bipartisan legislation introduced by two U.S. senators aims to kick-start the modernization of "outdated" health privacy laws by creating a commission to examine regulatory gaps, including how to address health data falling outside of HIPAA's reach.
Michael Hamilton, CISO at security firm Critical Insight, discusses health data breach trends. The bad news: The number of major breaches reported to regulators in 2021 hit a record high. The good news: The rate of breaches reported last year compared to 2020 appears to be slowing down.
Vision benefits provider EyeMed has agreed to pay $600,000 and implement a long list of data security improvements as part of a settlement with the New York attorney general's office following a 2020 email breach that affected 2.1 million individuals, including nearly 99,000 New Yorkers.
In the midst of a global pandemic, the federal breach tally shows that a record number of major health data breaches were reported in the U.S. in 2021, and the overwhelming majority of them involved hacking/IT incidents. Will those trends continue in 2022?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.