The HHS Office for Civil Rights (OCR) reached a settlement with UnitedHealthcare Insurance Company (UHIC) to resolve potential HIPAA right of access violations. UHIC, a health insurer that provides...
The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) issued an updated version of its “Health Industry Cybersecurity Information Sharing Best...
Healthcare data breaches remain a troubling and frequent occurrence despite an observed dip in the number of breaches reported to HHS in the first six months of 2023, Critical Insight noted in its H1...
Advocate Aurora Health reached a $12.25 million settlement to resolve a data breach lawsuit. As previously reported, Advocate Aurora Health disclosed a data breach in October 2022 that impacted 3...
The Advanced Research Projects Agency for Health (ARPA-H), a division of HHS, announced the formation of the Digital Health Security (DIGIHEALS) project, aimed at protecting the United States...
From defender to defendant, Orrick Law Firm shifts gears after a data breach on its systems jeopardized the privacy of more than 152,818 individuals and landed the law firm with its own healthcare data...
Security vulnerabilities in medical devices and the software applications that support them continue to pose a significant threat to healthcare, the Health Information Sharing and Analysis Center...
Entities across the country are still feeling the effects of the MOVEit Transfer hack as more organizations report breaches stemming from the vulnerability.
Earlier this week, the Colorado Department...
A MOVEit Transfer hack at IBM resulted in the potential exposure of health data for millions of Colorado Medicaid beneficiaries, the Colorado Department of Health Care Policy & Financing (HCPF)...
The Cyber Safety Review Board (CSRB) issued an analysis of Lapsus$ threat group and its tactics, encouraging organizations to strengthen identity and access management processes and build resiliency...
The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) is no longer just for critical infrastructure – its latest iteration, CSF 2.0, reflects the...
As cyberattacks continue to impact critical infrastructure organizations across the country, the Cybersecurity and Infrastructure Security Agency (CISA) is tackling cyber risk head-on. The...
Oregon Health Plan (OHP) notified 1.7 million members of a data breach that originated at one of its vendors, PH TECH, which offers a platform and administrative services for community health...
Rhysida ransomware group is the latest threat group to target victims around the world and publish stolen files online, the Health Sector Cybersecurity Coordination Center (HC3) warned in a threat...
A group of international cybersecurity authorities released a list of the top routinely exploited vulnerabilities of 2022, highlighting commonly overlooked vulnerabilities that organizations should...
The healthcare sector continued to face a high volume of cyberattacks in the past few months as infostealing malware rose in popularity, BlackBerry stated in its latest Global Threat Intelligence...
In a recent string of cyberattacks involving the MOVEit Transfer system, Allegheny County has stood out as one of the largest affected, with a staggering 689,686 individuals data exposed.
These...
Patient privacy monitoring solutions help healthcare organizations manage privacy risks and detect unauthorized access to patient data, playing a crucial role in compliance and patient confidentiality....
The Biden-Harris Administration unveiled the National Cyber Workforce and Education Strategy (NCWES), aimed at reducing cyber workforce gaps and empowering individuals to enter the cyber workforce. The...
The Centers for Medicare & Medicaid Services (CMS) notified 612,000 Medicare beneficiaries of a data breach stemming from a vulnerability in Progress Software’s MOVEit Transfer software. The...
