HHS

HHS Reaches Settlement With Healthcare Business Associate Following Ransomware Attack

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced a $100,000 settlement to resolve a data breach investigation with Doctors’ Management Services, a Massachusetts-based medical management company...

CISA, HHS Collaborate on Healthcare Cybersecurity Toolkit

by Jill McKeon

HHS and the Cybersecurity and Infrastructure Security Agency (CISA) teamed up to release a healthcare cybersecurity toolkit consisting of key resources for managing and mitigating cyber risk in the...

HHS, FTC Publish Warning Letters Sent to Healthcare Entities Over Third-Party Tracking Tech

by Jill McKeon

In a document that spans hundreds of pages, HHS and the Federal Trade Commission (FTC) published letters sent to 130 healthcare organizations regarding the security and privacy risks of third-party...

HHS Launches Digital Health Security Project to Protect Healthcare Infrastructure

by Jill McKeon

The Advanced Research Projects Agency for Health (ARPA-H), a division of HHS, announced the formation of the Digital Health Security (DIGIHEALS) project, aimed at protecting the United States...

MOVEit Transfer Breach Impacts 612K Medicare Beneficiaries, CMS Says

by Jill McKeon

The Centers for Medicare & Medicaid Services (CMS) notified 612,000 Medicare beneficiaries of a data breach stemming from a vulnerability in Progress Software’s MOVEit Transfer software. The...

HHS, FTC Warn Hospitals and Telehealth Providers About Third-Party Tracking Tech

by Jill McKeon

The HHS Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) sent a joint letter to 130 hospitals and telehealth providers to emphasize the security and privacy risks of third-party...

Lawmakers Ask HHS to Expand Proposed HIPAA Rule, Require Warrant For PHI

by Jill McKeon

Spearheaded by United States Senators Ron Wyden (D-OR) and Patty Murray (D-WA), and US Representative Sara Jacobs (D-CA), lawmakers sent a letter to HHS Secretary Xavier Beccera urging the...

TimisoaraHackerTeam Ransomware Attacks US Cancer Center

by Jill McKeon

HHS called attention to a resurfaced ransomware variant called TimisoaraHackerTeam (THT), which recently claimed responsibility for a June 2023 cyberattack on a United States cancer center. The...

HHS Reaches Settlement With NJ Provider Over Potential HIPAA Privacy Rule Violations

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced a settlement with Manasa Health Center, a psychiatry provider in New Jersey, over a potential HIPAA Privacy Rule violation. According to an April 2020...

House Committee Hearing Sheds Light On HHS Approach to Healthcare Cybersecurity

by Jill McKeon

At a House Committee on Energy and Commerce hearing, experts from the energy, water, and healthcare sectors testified on how sector-specific agencies within critical infrastructure are taking steps to...

Clop, LockBit Leveraging 3 Known Vulnerabilities in Healthcare Ransomware Attacks, HHS Warns

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert about the current operations of Clop and LockBit ransomware groups. The Ransomware-as-a-Service (RaaS) groups have...

HHS Cybersecurity Task Force Releases New Resources to Address Rise in Healthcare Cyberattacks

by Jill McKeon

The HHS 405(d) Program and the Health Sector Coordinating Council Cybersecurity Working Group (HSCC CWG) led efforts to release three new and updated resources to help healthcare organizations manage...

HHS Proposes Rule to Strengthen HIPAA Protections For Reproductive Healthcare Data

by Jill McKeon

The HHS Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) with the goal of strengthening HIPAA Privacy Rule protections for those seeking and delivering reproductive...

HHS Emphasizes EHR Cybersecurity Risks to Healthcare Sector

by Sarai Rodriguez

EHRs are poised to remain a crucial part of the healthcare industry, but the exploitation of patient data casts a shadow over its benefits. A recent HHS threat brief emphasized the need for healthcare...

HHS, FBI Disrupt BreachForums Cybercriminal Marketplace

by Jill McKeon

Thanks to a joint effort by the HHS Office of Inspector General (OIG) and the Federal Bureau of Investigation (FBI), a cybercriminal marketplace known as BreachForums was forced offline, the Department...

HC3 Checklist Helps Healthcare Sector Ensure Mobile Device Security

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) released a mobile device security checklist, containing important considerations for using mobile devices in a healthcare...

HHS Requests $78M in Funding For OCR in Next Fiscal Year

by Jill McKeon

HHS requested $78 million in funding for its Office for Civil Rights (OCR) for FY 2024, signifying a $38 million increase from last year’s budget. The requested budget increase follows HHS’...

HHS, HSCC Release Guidance to Help Healthcare Align With NIST Cybersecurity Framework

by Jill McKeon

HHS, through the Administration for Strategic Preparedness and Response (ASPR), and the Health Sector Coordinating Council (HSCC) Cybersecurity Working Group released the Cybersecurity Framework...

HHS Restructures OCR to Better Handle Increased HIPAA Complaint Volume

by Jill McKeon

The HHS Office for Civil Rights (OCR) announced new restructuring efforts, including the formation of three new divisions, in order to better manage its increased volume of HIPAA and HITECH complaints...

HHS Delivers 2 Reports to Congress On Healthcare Data Breaches, HIPAA Compliance

by Jill McKeon

The HHS Office for Civil Rights (OCR) delivered two reports to Congress that shed light on healthcare data breaches and HIPAA compliance efforts logged during the 2021 calendar year. The reports...