New York Attorney General Letitia James fined the NewYork-Presbyterian Hospital (NYP) $300,000 over its use of tracking tech that resulted in private information being shared with third-party tech...
Fallon Ambulance Service, a medical transportation company that served the greater Boston area, reported a data breach that impacted more than 911,000 individuals. Fallon was a subsidiary of...
The US Government Accountability Office (GAO) released a report on medical device cybersecurity to address limitations in federal agencies’ authority, explore challenges in accessing federal...
ESO Solutions, a healthcare software company, notified 2.7 million individuals of a data breach caused by a September 2023 ransomware attack against its systems. ESO Solutions provides software to...
Lawmakers have urged HHS to consider revising HIPAA to further protect patient privacy after observing routine disclosures of patient information from major pharmacy chains to law enforcement agencies...
The Cybersecurity and Infrastructure Security Agency (CISA) published a cybersecurity advisory based on key findings that the agency uncovered during a risk and vulnerability assessment (RVA) conducted...
The US Department of Justice (DOJ) has successfully disrupted the BlackCat ransomware group and offered a decryption tool to more than 500 victims around the world. Also known as ALPHV or Noberus,...
The HHS Office for Civil Rights (OCR) announced its 46th enforcement action under the HIPAA Right of Access Initiative. The enforcement action resolved an investigation into Optum Medical Care, a...
Delta Dental of California informed nearly 7 million individuals of a data breach stemming from the May 2023 hack of Progress Software’s MOVEit Transfer software.
As previously reported,...
Illinois-based Harrisburg Medical Center (HMC) filed a data breach notice with the Maine Attorney General’s Office regarding a December 2022 breach. The breach impacted 147,826 individuals in...
The American Hospital Association (AHA) expressed dissatisfaction with parts of HHS’ recently released healthcare cybersecurity strategy, which was unveiled in early December. Specifically, the...
New York Attorney General (NYAG) Letitia James reached a settlement with Healthplex, a large dental insurance provider, following a data breach that occurred in November 2021. Healthplex agreed to pay...
Open-source software (OSS) is the foundation of modern software development, but it can also expose critical infrastructure sectors to cybersecurity risks, the HHS Health Sector Cybersecurity...
Kentucky-based Norton Healthcare confirmed that a May 2023 ransomware attack on the health system impacted 2.5 million individuals, according to a report filed with the Maine Attorney General’s...
HHS reached its first-ever phishing attack settlement with Lafourche Medical Group, a Louisiana-based medical group that specializes in emergency medicine, lab testing, and occupational medicine....
HHS released a concept paper outlining the department’s long-awaited healthcare cybersecurity strategy and establishing goals for improving the sector’s cybersecurity posture. The...
The Joint Commission has launched the Responsible Use of Health Data (RUHD) Certification program, a voluntary program aimed at providing hospitals, patients, and other key stakeholders with an...
Genetic testing company 23andMe issued an amended Form 8-K Securities and Exchange Commission (SEC) filing to provide supplemental information about a data breach that occurred in October 2023.
On...
Hospitals should take immediate action to protect against the Citrix Bleed cybersecurity vulnerability, the American Hospital Association (AHA) warned, following multiple alerts by government agencies...
Capital Health, which operates two hospitals in New Jersey and other regional care sites, is experiencing a network outage caused by what it believes to be a cyberattack. The healthcare organization is...