Threat actors are increasingly targeting edge devices, exploiting zero-day vulnerabilities, and engaging in living off the land attacks to evade threat detection tools, Mandiant revealed in a recent...
High rates of data breaches and cyberattacks mean that healthcare is no stranger to lawsuits. According to a recent report from law firm BakerHostetler, the healthcare sector’s use of third-party...
UPDATE 4/23/2024 - This article has been updated to reflect new information about the Change Healthcare cyberattack.
UHG has not yet provided a formal breach notification to HHS following the...
The Biden-Harris administration, through HHS, issued a final rule to bolster patient privacy for those seeking and administering lawful reproductive healthcare. Entitled HIPAA Privacy Rule to Support...
Lawmakers had many questions for UnitedHealth Group (UHG), the parent of Change Healthcare, at a March 16 House subcommittee hearing about the cyberattack that halted claims payments and disrupted...
Under a proposed order from the Federal Trade Commission (FTC), online mental healthcare platform Cerebral will be restricted from disclosing consumers’ personal health information to third...
The Federal Trade Commission (FTC) banned Monument, an alcohol addiction treatment service, from disclosing its users’ personal health data to third-party advertisers, following allegations that...
As of April 3, UnitedHealth Group (UHG) had advanced nearly $4.7 billion to providers grappling with the aftermath of the Change Healthcare cyberattack. Even so, physician practices across the country...
Group Health Cooperative of South Central Wisconsin (GHC-SCW) notified more than 533,000 individuals of a data breach that resulted from a cyberattack. On January 25, GHC-SCW detected unauthorized...
Strong cybersecurity performance in healthcare is crucial for ensuring patient safety and operational continuity at all times, especially during a cybersecurity incident. But new research shows that...
UPDATE 4/4/2024 - This article has been updated to include information from an HC3 sector alert.
The American Hospital Association (AHA) has doubled down on its warning to the healthcare sector about...
A multi-factor authentication (MFA) failure led to the exposure of patient information pertaining to the Los Angeles County Department of Mental Health (DMH), a report filed with the California...
The HHS Office for Civil Rights (OCR) imposed a $100,000 civil monetary penalty against Hackensack Meridian Health, West Caldwell Care Center, also known as Essex Residential Care, over HIPAA right of...
The HHS Office for Civil Rights (OCR) announced a HIPAA right of access settlement with Oklahoma-based Phoenix Healthcare, marking the office’s 47th enforcement action under the HIPAA Right of...
As the healthcare and pharmaceuticals sector continues to face a high volume of cyberattacks, maintaining a strong security culture remains a crucial element to maintaining a strong security posture....
Healthcare providers nationwide are continuing to face financial and operational challenges in the aftermath of the Change Healthcare cyberattack, which began more than one month ago.
In...
The HHS Health Sector Cybersecurity Coordination Center (HC3) released two sector alerts recently, each highlighting a different cyber threat tactic that bad actors may use to facilitate healthcare...
Senator Mark Warner (D-VA) has introduced the Health Care Cybersecurity Improvement Act of 2024, which would allow for advance and accelerated payments to providers in the event of a cybersecurity...
OCR recently released updated HIPAA guidance for covered entities and business associates who use online tracking technologies that exchange protected health information (PHI).
The guidance addresses...
The majority of hospitals say the Change Healthcare cyberattack is negatively affecting their finances and hindering patient care access, according to a survey from the American Hospital Association...