Health IT Security and HIPAA News

KLAS: AI, Market Consolidation Impact Patient Privacy Monitoring Vendor Trends

by

Patient privacy monitoring solutions help healthcare organizations manage privacy risks and detect unauthorized access to patient data, playing a crucial role in compliance and patient confidentiality....

Biden Administration Unveils National Cyber Workforce and Education Strategy

by

The Biden-Harris Administration unveiled the National Cyber Workforce and Education Strategy (NCWES), aimed at reducing cyber workforce gaps and empowering individuals to enter the cyber workforce. The...

MOVEit Transfer Breach Impacts 612K Medicare Beneficiaries, CMS Says

by

The Centers for Medicare & Medicaid Services (CMS) notified 612,000 Medicare beneficiaries of a data breach stemming from a vulnerability in Progress Software’s MOVEit Transfer software. The...

CISA Releases Advisory On Preventing Web Application Access Control Abuse

by

Insecure direct object reference (IDOR) vulnerabilities in web applications pose a threat to organizations around the world, the Cybersecurity and Infrastructure Security Agency (CISA) warned in a...

FL Senator Urges FBI to Prioritize Tampa General Cyberattack Investigation

by

Following a cyberattack on Tampa General Hospital (TGH) that impacted 1.2 million people, Florida Senator Rick Scott (R-FL) penned a letter to FBI Director Christopher Wray asking the bureau to...

Software Vulnerability Triggers Rite Aid Data Breach, 24K Impacted

by

Rite Aid recently revealed a major data breach that potentially left the personally identifiable information (PII) of 24,400 customers exposed to threat actors. The issue came to light on May 31,...

Average Cost of Healthcare Data Breach Reaches $11M

by

The average cost of a healthcare data breach rose to $11 million, signifying a $1 million increase from last year, according to IBM Security’s 2023 "Cost of a Data Breach Report." The global...

HHS, FTC Warn Hospitals and Telehealth Providers About Third-Party Tracking Tech

by

The HHS Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) sent a joint letter to 130 hospitals and telehealth providers to emphasize the security and privacy risks of third-party...

AI, Ransomware Remain Prevalent in Evolving Cybersecurity Landscape

by

Healthcare organizations face an uptick in cyber threats, as malicious actors turn to tools like ransomware, artificial intelligence (AI), and Internet of Things (IoT) attacks. These threats are...

Lawmakers Ask HHS to Expand Proposed HIPAA Rule, Require Warrant For PHI

by

Spearheaded by United States Senators Ron Wyden (D-OR) and Patty Murray (D-WA), and US Representative Sara Jacobs (D-CA), lawmakers sent a letter to HHS Secretary Xavier Beccera urging the...

MOVEit Transfer Cyberattack Impacts 1.2M at Pension Benefit Information

by

More than 1.2 million individuals were impacted by a data breach at Pension Benefit Information (PBI) stemming from the widespread cyberattacks waged against Progress Software’s MOVEit Transfer...

Imagine360 Suffers Third-Party Data Breach, 112K Impacted

by

Imagine360, a Pennsylvania-based provider of self-funded health plan solutions,  alerted over 112,000 individuals about a third-party data breach from January 2023, which occurred on its Citrix...

CISA Warns Critical Infrastructure of APT Actors Targeting Outlook Online

by

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) urged critical infrastructure entities to enhance monitoring of Microsoft Exchange Online...

How Threat Actors Leverage AI to Advance Healthcare Cyberattacks

by

The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief regarding artificial intelligence (AI) and the threats it may pose to healthcare cybersecurity. As AI continues to advance,...

Veterans Affairs OIG Finds Cybersecurity Deficiencies at AZ Health System

by

The US Department of Veterans Affairs (VA) Office of Inspector General (OIG) inspected the information security program at the Northern Arizona VA Healthcare System and discovered significant security...

White House Issues National Cybersecurity Strategy Implementation Plan

by

The Biden-Harris Administration issued its National Cybersecurity Strategy Implementation Plan (NCSIP), which provides a detailed roadmap to achieving the National Cybersecurity Strategy. The...

Examining Health Data Privacy, HIPAA Compliance Risks of AI Chatbots

by

AI chatbots, such as Google’s Bard and OpenAI’s ChatGPT, have sparked continuous conversation and controversy since they became available to the public. In the healthcare arena, patients...

MedCrypt, Kansas State University Launch Medical Device Security Research Project

by

MedCrypt, a cybersecurity solution provider for medical device manufacturers, announced a partnership with Kansas State University (KSU) to drive medical device security research. MedCrypt provided a...

Security Flaws Found in Software Development Kit Used for Telemedicine Services

by

Claroty’s Team82 and Check Point Research (CPR) discovered critical vulnerabilities in the QuickBlox software development kit (SDK) and application programming interface (API), a framework that...

KLAS: This Year’s Top Healthcare IoT Security Vendors

by

Healthcare organizations are increasingly connecting devices to their networks to enable efficiency and aid in patient care. However, increased device connectivity exposes organizations to additional...