The HHS Health Sector Cybersecurity Coordination Center (HC3) released two sector alerts recently, each highlighting a different cyber threat tactic that bad actors may use to facilitate healthcare...
Senator Mark Warner (D-VA) has introduced the Health Care Cybersecurity Improvement Act of 2024, which would allow for advance and accelerated payments to providers in the event of a cybersecurity...
OCR recently released updated HIPAA guidance for covered entities and business associates who use online tracking technologies that exchange protected health information (PHI).
The guidance addresses...
The majority of hospitals say the Change Healthcare cyberattack is negatively affecting their finances and hindering patient care access, according to a survey from the American Hospital Association...
The Change Healthcare cyberattack is costing Massachusetts hospitals at least $24 million per day, according to the Massachusetts Health & Hospital Association (MHA).
After Change...
Healthcare networks and medical devices are highly vulnerable to cyberattacks, according to a recent study from cyber-physical systems protection company Claroty.
The study found that 63 percent of...
As of the first week of March, 116 healthcare data breaches have been reported to the HHS Office of Civil Rights (OCR) in 2024, impacting over 13 million individuals. The most common breach types were...
The healthcare sector suffered more ransomware attacks than any other critical infrastructure sector last year, according to complaint data examined in the Federal Bureau of Investigation’s 2023...
Lurie Children's Hospital in Chicago has restored its Epic EHR platform and other key systems following a cyberattack that began on January 31st, the hospital stated. MyChart remains unavailable as...
HHS released a statement regarding the Change Healthcare cyberattack and shed light on immediate steps that CMS is taking to assist providers during this time. The announcement follows multiple...
Indiana Attorney General Todd Rokita filed a lawsuit against Apria Healthcare over a data breach that unfolded between April 2019 and October 2021. Apria is a leading provider of home medical equipment...
UPDATE 3/5/2024 - This article has been updated to include excerpts from a letter that the AHA sent to UnitedHealth Group.
Optum has launched a temporary funding assistance program to help...
The National Institute of Standards and Technology (NIST) released version 2.0 of its Cybersecurity Framework (CSF), which is broadly used to reduce cyber risk across critical infrastructure....
The Medical Group Management Association (MGMA) urged HHS to use “all the tools at its disposal” to mitigate the impacts of the Change Healthcare cyberattack on medical groups in a letter...
The Healthcare and Public Health (HPH) Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) announced the publication of its “Health Industry Cybersecurity Strategic Plan”...
Surveyed healthcare organizations that used the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) as their primary framework saw lower cyber insurance premium...
The HHS Office for Civil Rights (OCR) delivered two reports to Congress on HIPAA compliance and enforcement efforts logged by the department during the 2022 calendar year. HHS is required to...
Green Ridge Behavioral Health agreed to pay $40,000 and implement corrective actions to resolve a ransomware investigation conducted by the HHS Office for Civil Rights (OCR). This marks the second-ever...
Quest Diagnostics reached a $5 million settlement to resolve allegations that the company illegally disposed of hazardous waste, medical waste, and protected health information (PHI) at its California...
The US Department of Justice (DOJ) and UK authorities announced the disruption of the LockBit ransomware group at a press conference held in London on February 20. LockBit was a notorious ransomware...
