The HHS Office for Civil Rights (OCR) released an educational video presentation on recognized security practices (RSPs) under HITECH. Nick Heesters, senior advisor for cybersecurity at OCR, presented...
Pennsylvania-based Keystone Health is facing a class action lawsuit over a 2022 data breach that impacted more than 235,000 individuals.
As previously reported, Keystone Health discovered a security...
UPDATE 11/1/2022 - OpenSSL provided vulnerability guidance for CVE-2022-3786 and CVE-2022-3602. CVE-2022-3602 is no longer labeled as "critical" and was downgraded to "high" after further...
The HHS Office for Civil Rights (OCR) utilized its October newsletter to remind covered entities of their incident response obligations under the HIPAA Security Rule. The newsletter provided a...
Michigan Medicine notified 33,850 patients of a phishing attack that may have exposed their health information. A cyber attacker targeted Michigan Medicine in August 2022 with a scam that lured...
On August 15, Ascension St. Vincent’s Coastal Cardiology in Brunswick, Georgia, was alerted to a healthcare data breach involving “recently acquired Ascension St. Vincent’s Coastal...
Medical device security continues to be a top concern in the healthcare sector. The prevalence of legacy devices, the increasing interconnectedness of the sector, and the need for industry-wide...
Attorneys with the American Civil Liberties Union (ACLU) of Rhode Island filed a class-action lawsuit against the Rhode Island Public Transit Authority (RIPTA) and UnitedHealthcare (UHC) New England...
The College of Healthcare Information Management Executives (CHIME) submitted comments to the Federal Trade Commission (FTC) surrounding the Commission’s Advanced Notice of Proposed Rulemaking...
Radiology Associates of Albuquerque, also known as RAA Imaging, informed an undisclosed number of patients of a health data breach involving protected health information (PHI) exposure.
The breach...
The Daixin Team ransomware and data extortion group is an active threat to the healthcare sector, The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and...
CommonSpirit Health is still in the process of responding to and recovering from a cyberattack that began in early October and impacted multiple facilities within the health system.
The confirmed...
Senator Mark R. Warner (D-VA) expressed significant health data privacy concerns surrounding the Meta pixel tracking tool in a letter to Meta CEO Mark Zuckerberg.
As previously reported, the tool has...
Water, K-12 education, and healthcare cybersecurity are upcoming focus areas for the Cybersecurity and Infrastructure Security Agency (CISA), Director Jen Easterly said at Mandiant’s mWISE...
Advocate Aurora Health notified 3 million patients of a data breach that resulted in potential protected health information (PHI) exposure.
The breach stemmed from the nonprofit health system’s...
Over the last few years, the need for cybersecurity professionals has been multiplying. Yet, the demand is outpacing talent availability amid a cybersecurity workforce shortage,...
As a result of an investigation into a 2020 healthcare data breach, vision insurer EyeMed Vision Care will pay a $4.5 million penalty to New York State for violating the Department of Financial...
Enabling multi-factor authentication (MFA) is “the single most important thing Americans can do to stay safe online,” Cybersecurity and Infrastructure Security Agency (CISA) Director Jen...
Ransomware attacks against healthcare organizations have been increasing and wreaking havoc for the last several years. These threats lead to disruptions for patients and providers, with 86 percent of...
New healthcare cybersecurity standards and guidance from the White House are on the horizon, Anne Neuberger, deputy national security advisor for cyber and emerging technology in the Biden...