The HHS Office for Civil Rights (OCR) settled a potential HIPAA right of access violation with Pittsburgh, Pennsylvania-based licensed counselor David Mente, MA, LPC. The psychotherapy provider must...
Rising password breaches accelerate the adoption of password-less authentication methods such as biometrics, passkeys, and security keys as 41 percent of IT decision-makers accredited these practices...
Tennessee-based Murfreesboro Medical Clinic & SurgiCenter (MMC) is actively recovering a “sophisticated criminal cyberattack” that it suffered on April 22, its website states.
In...
An Iowa woman filed a lawsuit against the University of Iowa Hospitals & Clinics (UIHC) over its use of tracking pixels. As previously reported, companies like Google and Meta, along with...
90 Degree Benefits, a health insurance company, is in hot water as a proposed class-action lawsuit emerges, following a data breach that jeopardized the privacy of more than 181,543 individuals.
The...
The US Food and Drug Administration (FDA) alerted healthcare providers and laboratory personnel of a cybersecurity vulnerability that impacts the Universal Copy Service (UCS) software in select...
Washington state Governor Jay Inslee signed the My Health My Data Act (House Bill 1155) into law, bolstering health data protections for Washington residents.
The act aims to modernize the...
The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert about the current operations of Clop and LockBit ransomware groups. The Ransomware-as-a-Service (RaaS) groups have...
Healthcare data breaches continue to impact large and small organizations across the country, as exemplified by the most recent batch of data breach notifications outlined below.
Graceworks Lutheran...
California-based Santa Clara Health Plan (SCHP) reported a breach tied to a known vulnerability in Fortra’s GoAnywhere managed file transfer (MFT) solution that impacted 276,993 individuals. As...
As data breach notifications tied to the use of tracking pixels continue to surface, experts have observed a wave of lawsuits following close behind. BakerHostetler observed more than 50 lawsuits being...
Six individuals, including five former Methodist Hospital employees, face sentencing for HIPAA violations after pleading guilty to the unauthorized disclosure of personal health information (PHI)...
As ransomware continues to impact organizations worldwide, cybersecurity leaders are increasingly recognizing the importance of investing resources into improving their security programs and processes....
The Health 3rd Party Trust (Health3PT) Initiative has unveiled its first deliverables to tackle third-party cyber risk management (TPRM) in healthcare, backed by a rapidly growing membership of...
KLAS, the American Hospital Association (AHA) and healthcare risk management solutions company Censinet released the much-anticipated first wave of results of its Healthcare Cybersecurity Benchmarking...
Search engine optimization (SEO) poisoning, Cobalt Strike abuse, and other tactics are increasingly being used against the healthcare sector, BlackBerry observed in its quarterly Global Threat...
New data from asset visibility and security company Armis found that 1 in 5 connected medical devices run on unsupported operating systems (OS). To inform its research, Armis analyzed data collected by...
San Francisco-based John Muir Health (JMH) notified 821 patients of a security incident that occurred when an Excel file containing patient information was accidentally exposed to the internet. JMH...
At a recent House Oversight Committee hearing, Mila Kofman, executive director of the DC Health Benefit Exchange Authority (DCHBX) delivered a testimony providing new information about the data breach...
Mandiant observed threat actors favoring the financial, professional services, high tech and healthcare industries in 2022, according to its newly released M-Trends 2023 report. The report aimed to...