Health IT Security and HIPAA News

Maxim Healthcare Reaches Settlement Over 2021 Data Breach Case

by

Maxim Healthcare has reached a monetary agreement to settle claims that it failed to protect the personal health information of about 28,000 patients impacted in a 2021 data breach. According to...

PharMerica Notifies 5.8M Individuals of Healthcare Data Breach

by

Long-term care pharmacy network PharMerica disclosed a breach to the Maine Attorney General’s Office that impacted more than 5.8 million individuals. PharMerica is a Fortune 1000 company...

Senators Introduce Rural Hospital Cybersecurity Enhancement Act

by

United States Senators Josh Hawley (R-MO) and Gary Peters (D-MI) have introduced the Rural Hospital Cybersecurity Enhancement Act, aimed at addressing critical cybersecurity gaps at rural healthcare...

Utah Health System Suffers Healthcare Data Breach, 103K Impacted

by

Uintah Basin Healthcare (UBH) recently notified 103,974 individuals of a healthcare data breach that potentially compromised the protected health information of patients. UBH first discovered...

Malicious Bot Activity On the Rise in Healthcare

by

The internet has a bot problem, cybersecurity company Imperva suggested in its 2023 Bad Bot Report. Nearly half of all internet traffic came from bots in 2022, while human traffic dipped to its lowest...

HC3 Warns Healthcare of Cyberattacks Against Popular Data Backup Software

by

The Health Sector Cybersecurity Coordination Center’s (HC3) latest alert details the growing trend of threat actors targeting a known vulnerability in Veeam Backup & Replication (VBR)...

New Mexico Department of Health Data Breach Exposes Decedent Health Information

by

The New Mexico Department of Health (DOH) reported a breach to HHS that impacted 49,000 individuals. The breach occurred when DOH discovered that a spreadsheet containing information about individual...

Healthcare Cyberattacks Linked to Disruptions at Neighboring Hospitals, Study Finds

by

When one healthcare organization suffers a cyberattack, other facilities in the area feel its impact, a study published in JAMA Network Open suggested. Emergency medicine physician and self-taught...

Healthcare Data Breach At Kansas Hospital Impacts 19K

by

Kansas-based McPherson Hospital recently notified 19,020 individuals of a healthcare data breach. According to the May 4 notice, McPherson Hospital fell victim to a ransomware attack on July 12, 2022,...

SuperCare Health Reaches $2.25M Data Breach Settlement Over Alleged Negligence

by

SuperCare Health has agreed to a data breach settlement totaling $2.25 million in a class-action lawsuit filed by plaintiff Vickey Angulo and class members, who alleged the organization’s...

OCR Resolves HIPAA Right of Access Case With Pennsylvania Therapist

by

The HHS Office for Civil Rights (OCR) settled a potential HIPAA right of access violation with Pittsburgh, Pennsylvania-based licensed counselor David Mente, MA, LPC. The psychotherapy provider must...

41% of IT Decision-Makers Back Passwordless Authentication for Stronger Identity Security

by

Rising password breaches accelerate the adoption of password-less authentication methods such as biometrics, passkeys, and security keys as 41 percent of IT decision-makers accredited these practices...

TN Medical Clinic Remains Partially Closed As It Recovers From Cyberattack

by

Tennessee-based Murfreesboro Medical Clinic & SurgiCenter (MMC) is actively recovering a “sophisticated criminal cyberattack” that it suffered on April 22, its website states. In...

Lawsuit Accuses Iowa Health System of Sharing Data With Facebook

by

An Iowa woman filed a lawsuit against the University of Iowa Hospitals & Clinics (UIHC) over its use of tracking pixels. As previously reported, companies like Google and Meta, along with...

Lawsuit Strikes 90 Degree Benefits After 181K-Impacted Data Breach

by

90 Degree Benefits, a health insurance company, is in hot water as a proposed class-action lawsuit emerges, following a data breach that jeopardized the privacy of more than 181,543 individuals. The...

FDA: Critical Illumina Cybersecurity Vulnerability May Allow Threat Actors to Control Devices Remotely

by

The US Food and Drug Administration (FDA) alerted healthcare providers and laboratory personnel of a cybersecurity vulnerability that impacts the Universal Copy Service (UCS) software in select...

Washington State Passes My Health, My Data Act to Safeguard Health Data Privacy

by

Washington state Governor Jay Inslee signed the My Health My Data Act (House Bill 1155) into law, bolstering health data protections for Washington residents. The act aims to modernize the...

Clop, LockBit Leveraging 3 Known Vulnerabilities in Healthcare Ransomware Attacks, HHS Warns

by

The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert about the current operations of Clop and LockBit ransomware groups. The Ransomware-as-a-Service (RaaS) groups have...

Latest Reported Data Breaches Impact Variety of Healthcare Orgs

by

Healthcare data breaches continue to impact large and small organizations across the country, as exemplified by the most recent batch of data breach notifications outlined below. Graceworks Lutheran...

CA Health Plan Reports Data Breach Tied to Fortra GoAnywhere Hack

by

California-based Santa Clara Health Plan (SCHP) reported a breach tied to a known vulnerability in Fortra’s GoAnywhere managed file transfer (MFT) solution that impacted 276,993 individuals. As...