UPDATE 5/2/2024 - This article has been updated to reflect new information about the Change Healthcare cyberattack.
5/2/2024 - UHG CEO Andrew Witty estimated that the data breach resulting from...
The Rubrik Zero Labs research unit found that the average healthcare organization possesses upwards of 42 million sensitive data records, 50% more than the global average of 28 million. Given this...
The Federal Trade Commission (FTC) finalized updates to its Health Breach Notification Rule (HBNR) with the goal of clarifying the rule’s applicability to health apps and other technologies that...
In a recent press release, UnitedHealth Group (UHG) confirmed that data was compromised during the Change Healthcare cyberattack. While UHG has yet to complete its data review, its initial...
Kaiser Foundation Health Plan filed a data breach report with the HHS Office for Civil Rights (OCR), confirming a 13.4-million record breach. The filing signifies the largest breach reported to OCR in...
Threat actors are increasingly targeting edge devices, exploiting zero-day vulnerabilities, and engaging in living off the land attacks to evade threat detection tools, Mandiant revealed in a recent...
High rates of data breaches and cyberattacks mean that healthcare is no stranger to lawsuits. According to a recent report from law firm BakerHostetler, the healthcare sector’s use of third-party...
The Biden-Harris administration, through HHS, issued a final rule to bolster patient privacy for those seeking and administering lawful reproductive healthcare. Entitled HIPAA Privacy Rule to Support...
Lawmakers had many questions for UnitedHealth Group (UHG), the parent of Change Healthcare, at a March 16 House subcommittee hearing about the cyberattack that halted claims payments and disrupted...
Under a proposed order from the Federal Trade Commission (FTC), online mental healthcare platform Cerebral will be restricted from disclosing consumers’ personal health information to third...
The Federal Trade Commission (FTC) banned Monument, an alcohol addiction treatment service, from disclosing its users’ personal health data to third-party advertisers, following allegations that...
As of April 3, UnitedHealth Group (UHG) had advanced nearly $4.7 billion to providers grappling with the aftermath of the Change Healthcare cyberattack. Even so, physician practices across the country...
Group Health Cooperative of South Central Wisconsin (GHC-SCW) notified more than 533,000 individuals of a data breach that resulted from a cyberattack. On January 25, GHC-SCW detected unauthorized...
Strong cybersecurity performance in healthcare is crucial for ensuring patient safety and operational continuity at all times, especially during a cybersecurity incident. But new research shows that...
UPDATE 4/4/2024 - This article has been updated to include information from an HC3 sector alert.
The American Hospital Association (AHA) has doubled down on its warning to the healthcare sector about...
A multi-factor authentication (MFA) failure led to the exposure of patient information pertaining to the Los Angeles County Department of Mental Health (DMH), a report filed with the California...
The HHS Office for Civil Rights (OCR) imposed a $100,000 civil monetary penalty against Hackensack Meridian Health, West Caldwell Care Center, also known as Essex Residential Care, over HIPAA right of...
The HHS Office for Civil Rights (OCR) announced a HIPAA right of access settlement with Oklahoma-based Phoenix Healthcare, marking the office’s 47th enforcement action under the HIPAA Right of...
As the healthcare and pharmaceuticals sector continues to face a high volume of cyberattacks, maintaining a strong security culture remains a crucial element to maintaining a strong security posture....
Healthcare providers nationwide are continuing to face financial and operational challenges in the aftermath of the Change Healthcare cyberattack, which began more than one month ago.
In...