The US Government Accountability Office (GAO) released a report on medical device cybersecurity to address limitations in federal agencies’ authority, explore challenges in accessing federal...
ESO Solutions, a healthcare software company, notified 2.7 million individuals of a data breach caused by a September 2023 ransomware attack against its systems. ESO Solutions provides software to...
Lawmakers have urged HHS to consider revising HIPAA to further protect patient privacy after observing routine disclosures of patient information from major pharmacy chains to law enforcement agencies...
The Cybersecurity and Infrastructure Security Agency (CISA) published a cybersecurity advisory based on key findings that the agency uncovered during a risk and vulnerability assessment (RVA) conducted...
The US Department of Justice (DOJ) has successfully disrupted the BlackCat ransomware group and offered a decryption tool to more than 500 victims around the world. Also known as ALPHV or Noberus,...
The HHS Office for Civil Rights (OCR) announced its 46th enforcement action under the HIPAA Right of Access Initiative. The enforcement action resolved an investigation into Optum Medical Care, a...
Delta Dental of California informed nearly 7 million individuals of a data breach stemming from the May 2023 hack of Progress Software’s MOVEit Transfer software.
As previously reported,...
Illinois-based Harrisburg Medical Center (HMC) filed a data breach notice with the Maine Attorney General’s Office regarding a December 2022 breach. The breach impacted 147,826 individuals in...
The American Hospital Association (AHA) expressed dissatisfaction with parts of HHS’ recently released healthcare cybersecurity strategy, which was unveiled in early December. Specifically, the...
New York Attorney General (NYAG) Letitia James reached a settlement with Healthplex, a large dental insurance provider, following a data breach that occurred in November 2021. Healthplex agreed to pay...
Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...
Kentucky-based Norton Healthcare confirmed that a May 2023 ransomware attack on the health system impacted 2.5 million individuals, according to a report filed with the Maine Attorney General’s...
HHS reached its first-ever phishing attack settlement with Lafourche Medical Group, a Louisiana-based medical group that specializes in emergency medicine, lab testing, and occupational medicine....
HHS released a concept paper outlining the department’s long-awaited healthcare cybersecurity strategy and establishing goals for improving the sector’s cybersecurity posture. The...
The Joint Commission has launched the Responsible Use of Health Data (RUHD) Certification program, a voluntary program aimed at providing hospitals, patients, and other key stakeholders with an...
Genetic testing company 23andMe issued an amended Form 8-K Securities and Exchange Commission (SEC) filing to provide supplemental information about a data breach that occurred in October 2023.
On...
Hospitals should take immediate action to protect against the Citrix Bleed cybersecurity vulnerability, the American Hospital Association (AHA) warned, following multiple alerts by government agencies...
Capital Health, which operates two hospitals in New Jersey and other regional care sites, is experiencing a network outage caused by what it believes to be a cyberattack. The healthcare organization is...
New York Attorney General Letitia James issued a consumer alert to warn New Yorkers about the potential impacts of a data breach that occurred at Perry Johnson & Associates (PJ&A), a medical...
Grocery chain Kroger is facing two class action lawsuits tied to its use of tracking technologies. Both lawsuits alleged that Kroger pharmacy patients were not informed that their health data was being...