HHS released a concept paper outlining the department’s long-awaited healthcare cybersecurity strategy and establishing goals for improving the sector’s cybersecurity posture. The...
The Joint Commission has launched the Responsible Use of Health Data (RUHD) Certification program, a voluntary program aimed at providing hospitals, patients, and other key stakeholders with an...
Genetic testing company 23andMe issued an amended Form 8-K Securities and Exchange Commission (SEC) filing to provide supplemental information about a data breach that occurred in October 2023.
On...
Hospitals should take immediate action to protect against the Citrix Bleed cybersecurity vulnerability, the American Hospital Association (AHA) warned, following multiple alerts by government agencies...
Capital Health, which operates two hospitals in New Jersey and other regional care sites, is experiencing a network outage caused by what it believes to be a cyberattack. The healthcare organization is...
New York Attorney General Letitia James issued a consumer alert to warn New Yorkers about the potential impacts of a data breach that occurred at Perry Johnson & Associates (PJ&A), a medical...
Grocery chain Kroger is facing two class action lawsuits tied to its use of tracking technologies. Both lawsuits alleged that Kroger pharmacy patients were not informed that their health data was being...
Healthcare software-as-a-service company Welltok recently notified 8.5 million individuals of a data breach stemming from the May 2023 MOVEit hack. The incident signifies one of the largest breaches...
Ardent Health Services, which owns 30 hospitals and 200 sites of care across six states, confirmed a healthcare cyberattack that occurred on the morning of November 23. Hospitals in multiple states...
The HHS Health Sector Cybersecurity Coordination Center (HC3) issued a brief about Emotet, a notorious malware strain that has impacted the healthcare sector for years. Emotet has been operational...
The Cybersecurity and Infrastructure Security Agency (CISA) issued a cybersecurity vulnerability mitigation guide for the healthcare sector, stressing the importance of remediating known...
The HHS Office for Civil Rights (OCR) completed a HIPAA investigation into New York-based Saint Joseph’s Medical Center following claims that the organization had impermissibly disclosed COVID-19...
HC3 issued an analyst note regarding BlackSuit ransomware, a relatively new group that appears to be similar to the Royal ransomware family and its notorious predecessor, Conti ransomware. HC3 warned...
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint...
UPDATE,11/16/2023: The HHS data breach portal now shows that the Perry Johnson & Associates data breach impacted nearly 9 million individuals, making it one of the largest reported healthcare...
New York Governor Kathy Hochul proposed a set of sweeping cybersecurity regulations that would apply to hospitals across the state, along with $500 million in funding to help healthcare facilities...
New York Attorney General Letitia James announced a $450,000 settlement with US Radiology Specialists over alleged health data security failures that resulted in a ransomware attack. The Attorney...
Henry Schein, a major distributor of healthcare products across 32 countries, suffered a cyberattack in mid-October that disrupted some of its manufacturing and distribution operations.
A few weeks...
US Senators Mark Warner (D-VA), Bill Cassidy (R-LA), John Cornyn (R-TX), and Maggie Hassan (D-NH) launched a bipartisan Senate healthcare cybersecurity working group. The group will focus on proposing...
The American Hospital Association (AHA) has sued the federal government over the HHS Office for Civil Rights’ (OCR) stance on tracking technology use in healthcare. Joined by the Texas Hospital...