The HHS Office for Civil Rights (OCR) announced a $100,000 settlement to resolve a data breach investigation with Doctors’ Management Services, a Massachusetts-based medical management company...
HHS and the Cybersecurity and Infrastructure Security Agency (CISA) teamed up to release a healthcare cybersecurity toolkit consisting of key resources for managing and mitigating cyber risk in the...
In a document that spans hundreds of pages, HHS and the Federal Trade Commission (FTC) published letters sent to 130 healthcare organizations regarding the security and privacy risks of third-party...
The Advanced Research Projects Agency for Health (ARPA-H), a division of HHS, announced the formation of the Digital Health Security (DIGIHEALS) project, aimed at protecting the United States...
The Centers for Medicare & Medicaid Services (CMS) notified 612,000 Medicare beneficiaries of a data breach stemming from a vulnerability in Progress Software’s MOVEit Transfer software. The...
The HHS Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) sent a joint letter to 130 hospitals and telehealth providers to emphasize the security and privacy risks of third-party...
Spearheaded by United States Senators Ron Wyden (D-OR) and Patty Murray (D-WA), and US Representative Sara Jacobs (D-CA), lawmakers sent a letter to HHS Secretary Xavier Beccera urging the...
HHS called attention to a resurfaced ransomware variant called TimisoaraHackerTeam (THT), which recently claimed responsibility for a June 2023 cyberattack on a United States cancer center. The...
The HHS Office for Civil Rights (OCR) announced a settlement with Manasa Health Center, a psychiatry provider in New Jersey, over a potential HIPAA Privacy Rule violation. According to an April 2020...
At a House Committee on Energy and Commerce hearing, experts from the energy, water, and healthcare sectors testified on how sector-specific agencies within critical infrastructure are taking steps to...
The Health Sector Cybersecurity Coordination Center (HC3) issued a sector alert about the current operations of Clop and LockBit ransomware groups. The Ransomware-as-a-Service (RaaS) groups have...
The HHS 405(d) Program and the Health Sector Coordinating Council Cybersecurity Working Group (HSCC CWG) led efforts to release three new and updated resources to help healthcare organizations manage...
The HHS Office for Civil Rights (OCR) issued a Notice of Proposed Rulemaking (NPRM) with the goal of strengthening HIPAA Privacy Rule protections for those seeking and delivering reproductive...
EHRs are poised to remain a crucial part of the healthcare industry, but the exploitation of patient data casts a shadow over its benefits. A recent HHS threat brief emphasized the need for healthcare...
Thanks to a joint effort by the HHS Office of Inspector General (OIG) and the Federal Bureau of Investigation (FBI), a cybercriminal marketplace known as BreachForums was forced offline, the Department...
The Health Sector Cybersecurity Coordination Center (HC3) released a mobile device security checklist, containing important considerations for using mobile devices in a healthcare...
HHS requested $78 million in funding for its Office for Civil Rights (OCR) for FY 2024, signifying a $38 million increase from last year’s budget. The requested budget increase follows HHS’...
HHS, through the Administration for Strategic Preparedness and Response (ASPR), and the Health Sector Coordinating Council (HSCC) Cybersecurity Working Group released the Cybersecurity Framework...
The HHS Office for Civil Rights (OCR) announced new restructuring efforts, including the formation of three new divisions, in order to better manage its increased volume of HIPAA and HITECH complaints...
The HHS Office for Civil Rights (OCR) delivered two reports to Congress that shed light on healthcare data breaches and HIPAA compliance efforts logged during the 2021 calendar year.
The reports...