News

Healthcare security culture steadily improving, but gaps remain

March 28, 2024 - As the healthcare and pharmaceuticals sector continues to face a high volume of cyberattacks, maintaining a strong security culture remains a crucial element to maintaining a strong security posture. KnowBe4’s 2024 Security Culture Report, which assesses security culture on a global scale, found healthcare to be in the...


Articles

HHS offers resource guide to providers impacted by Change Healthcare cyberattack

by

Healthcare providers nationwide are continuing to face financial and operational challenges in the aftermath of the Change Healthcare cyberattack, which began more than one month ago. In...

HC3 alerts shed light on two popular healthcare cyberattack tactics

by

The HHS Health Sector Cybersecurity Coordination Center (HC3) released two sector alerts recently, each highlighting a different cyber threat tactic that bad actors may use to facilitate healthcare...

New cyber legislation would provide advance payments to providers facing hacks

by

Senator Mark Warner (D-VA) has introduced the Health Care Cybersecurity Improvement Act of 2024, which would allow for advance and accelerated payments to providers in the event of a cybersecurity...

OCR updates HIPAA guidance on online tracking technologies

by

OCR recently released updated HIPAA guidance for covered entities and business associates who use online tracking technologies that exchange protected health information (PHI). The guidance addresses...

Change Healthcare cyberattack affecting hospital finances, care access

by

The majority of hospitals say the Change Healthcare cyberattack is negatively affecting their finances and hindering patient care access, according to a survey from the American Hospital Association...

Change Healthcare cyberattack fallout continues

by

UPDATE 3/19/2024 - This article has been updated to reflect new information about the Change Healthcare cyberattack. Change Healthcare will start releasing medical claims preparation software in...

MA hospitals losing $24M per day following Change Healthcare cyberattack

by

The Change Healthcare cyberattack is costing Massachusetts hospitals at least $24 million per day, according to the Massachusetts Health & Hospital Association (MHA). After Change...

63% of known exploited vulnerabilities found on healthcare networks

by

Healthcare networks and medical devices are highly vulnerable to cyberattacks, according to a recent study from cyber-physical systems protection company Claroty. The study found that 63 percent of...

Healthcare data breaches are piling up 3 months into the year

by

As of the first week of March, 116 healthcare data breaches have been reported to the HHS Office of Civil Rights (OCR) in 2024, impacting over 13 million individuals. The most common breach types were...

Healthcare hit hardest by ransomware last year, FBI IC3 report shows

by

The healthcare sector suffered more ransomware attacks than any other critical infrastructure sector last year, according to complaint data examined in the Federal Bureau of Investigation’s 2023...

Lurie Children’s Restores Key Systems Following Cyberattack

by

Lurie Children's Hospital in Chicago has restored its Epic EHR platform and other key systems following a cyberattack that began on January 31st, the hospital stated. MyChart remains unavailable as...

HHS Releases Statement on Change Healthcare Cyberattack

by

HHS released a statement regarding the Change Healthcare cyberattack and shed light on immediate steps that CMS is taking to assist providers during this time. The announcement follows multiple...

Indiana AG Sues Healthcare Organization Over Data Breach

by

Indiana Attorney General Todd Rokita filed a lawsuit against Apria Healthcare over a data breach that unfolded between April 2019 and October 2021. Apria is a leading provider of home medical equipment...

Optum Offers Temporary Funding Assistance For Change Healthcare Customers

by

UPDATE 3/5/2024 - This article has been updated to include excerpts from a letter that the AHA sent to UnitedHealth Group.  Optum has launched a temporary funding assistance program to help...

NIST Releases CSF 2.0, Caters to Audience Beyond Critical Infrastructure

by

The National Institute of Standards and Technology (NIST) released version 2.0 of its Cybersecurity Framework (CSF), which is broadly used to reduce cyber risk across critical infrastructure....

MGMA Urges HHS to Financially Assist Medical Groups Amid Change Cyberattack

by

The Medical Group Management Association (MGMA) urged HHS to use “all the tools at its disposal” to mitigate the impacts of the Change Healthcare cyberattack on medical groups in a letter...

HSCC Issues Five-Year Health Industry Cybersecurity Strategic Plan

by

The Healthcare and Public Health (HPH) Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) announced the publication of its “Health Industry Cybersecurity Strategic Plan”...

Cybersecurity Preparedness Tied to Lower Insurance Premium Increases

by

Surveyed healthcare organizations that used the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as their primary framework saw lower cyber insurance premium...

HHS Delivers Reports to Congress on HIPAA Compliance, Enforcement

by

The HHS Office for Civil Rights (OCR) delivered two reports to Congress on HIPAA compliance and enforcement efforts logged by the department during the 2022 calendar year. HHS is required to...