Health IT Security and HIPAA News

CommonSpirit Ransomware Attack Impacted Patient Data at Virginia Mason Franciscan Health

by

Following a ransomware attack that had varying impacts across CommonSpirit Health facilities, the health system has issued a breach notice to patients of Virginia Mason Franciscan Health in Washington...

Weak Connected Medical Device Security Increases Cyberattack Threats

by

Medical device security continues to be an issue for healthcare organizations, especially as the threat of cyberattacks increases in the industry. The medical internet of things (IoT) has...

OCR Outlines Proper Use of Tracking Tech to Maintain HIPAA Compliance

by

Following reports that patient data was transmitted to Facebook through the use of tracking technology on hospital websites and within password-protected patient portals, the HHS Office for Civil...

San Juan Regional Medical Center Reaches Settlement Following Healthcare Data Breach

by

San Juan Regional Medical Center (SJRMC) reached a proposed settlement following a 2020 healthcare data breach that impacted nearly 69,000 individuals. According to the original breach notice, issued...

Latest Healthcare Data Breaches Impact Providers Across the Country

by

As we close out 2022, threat actors are not slowing down their efforts to target healthcare organizations across the country. The most recent string of healthcare data breaches reported to HHS shows a...

New Connected Device Security Maturity Model Helps Orgs Strengthen Cybersecurity

by

Connected device security company Ordr published a maturity model to help healthcare organizations evaluate and improve the security of their connected devices. The guide is broken down into five...

Healthcare Industry Remains a Top Victim of Ransomware Attacks

by

Ransomware attacks continue to be the most prolific threat that organizations face across all infrastructure verticals, with the healthcare sector as a top target, according to the GuidePoint...

Third-Party Data Breach Impacts 119 Pediatric Practices, 2.2M Patients

by

Connexin Software, a company that offers pediatric-specific health IT solutions and operates under the name Office Practicum, notified more than 2.2 million individuals of a healthcare data breach that...

HHS Proposes New Rule to Align 42 CFR Part 2 With HIPAA

by

In a new Notice of Proposed Rulemaking (NPRM), the HHS Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA) proposed updates to the Confidentiality...

Community Health Network Notifies 1.5M of Data Breach Stemming From Tracking Tech

by

Indiana-based integrated healthcare system Community Health Network notified 1.5 million individuals of a data breach stemming from the use of third-party tracking technologies from companies like...

10 State AGs Call on Apple to Bolster Reproductive Health Data Privacy in App Store

by

A group of ten state attorneys general penned a letter to Apple CEO Tim Cook urging the tech company to address gaps in reproductive health data privacy, particularly as it applies to third-party apps...

Analysis of Addiction Treatment mHealth Sites Highlights Data Privacy Risks

by

An analysis of a dozen opioid use disorder (OUD) treatment and recovery websites revealed significant data privacy concerns and a need for stronger legal protections for addiction treatment data, a...

Healthcare Data Breach At PA Rehab Center Impacts 130K

by

Pennsylvania-based Gateway Rehabilitation Center notified 130,000 individuals of a data breach that it discovered in June 2022. The nonprofit provides drug and alcohol rehabilitation services to...

Lorenz Ransomware Targets Large Healthcare Orgs, HC3 Warns

by

Lorenz ransomware poses a threat to the healthcare sector, particularly larger organizations, the Health Sector Cybersecurity Coordination Center (HC3) warned in its latest analyst note. The...

OIG: HHS Must Modernize Its Approach to Cybersecurity

by

In the 2022 edition of its annual report on HHS’s top management and performance challenges, the Office of Inspector General (OIG) called on HHS to improve data governance, secure HHS systems,...

Forefront Dermatology To Pay $3.75M In Healthcare Data Breach Settlement

by

Forefront Dermatology, which operates dermatology offices across the US, reached a $3.75 settlement to resolve a class action lawsuit stemming from a May 2021 healthcare data breach. The breach was...

NewYork-Presbyterian Hospital Notifies 12K of Healthcare Data Breach

by

NewYork-Presbyterian (NYP) Hospital notified approximately 12,000 patients of a breach that occurred in September 2022. The hospital received an alert of suspicious server activity on September 8, its...

HHS, FBI, CISA Warn Healthcare of Ongoing Hive Ransomware Threats

by

HHS, the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory about Hive ransomware actors. The ransomware actors...

Holiday, Weekend Ransomware Attacks Pose Threats to Healthcare Cybersecurity

by

Although security professionals may take holidays and weekends off, threat actors do not. New research from Cybereason found that holiday and weekend ransomware attacks resulted in greater revenue...

Recent Articles