HITRUST issued a response to the White House’s request for information (RFI) on the harmonization of cybersecurity regulations, suggesting that regulation alone is not a fix to the ongoing cyber...
The International Counter Ransomware Initiative (CRI) held its third summit in Washington, DC, with representatives from 50 countries joining together to build upon counter-ransomware projects and...
The HHS Office for Civil Rights (OCR) announced a $100,000 settlement to resolve a data breach investigation with Doctors’ Management Services, a Massachusetts-based medical management company...
Minority groups are at risk following a potential data security event involving 23andMe may have resulted in health-related data and personally identifiable information (PII) of certain...
The HHS Office for Civil Rights (OCR) released an educational video to help covered entities understand how the HIPAA Security Rule can help them defend against cyberattacks. The video was produced in...
The Health Sector Cybersecurity Coordination Center (HC3) urged the sector to prioritize monitoring and upgrading SolarWinds systems following a series of cybersecurity vulnerability...
HHS and the Cybersecurity and Infrastructure Security Agency (CISA) teamed up to release a healthcare cybersecurity toolkit consisting of key resources for managing and mitigating cyber risk in the...
The Health Sector Cybersecurity Coordination Center’s (HC3) latest white paper examined the risks of “quishing,” or QR code-based phishing attacks. The growing popularity of quick...
New York Attorney General Letitia James announced a $350,000 settlement with Personal Touch Holding Corporation, a Long Island-based home healthcare company, to resolve allegations stemming from a data...
Westchester Medical Center Health Network (WMCHealth) had to temporarily divert ambulances and shut down IT systems in response to a cyberattack, AP News first reported. According to the health...
A cybersecurity vulnerability in ServiceNow, a cloud computing platform, may allow unauthenticated users to extract data from records, a cybersecurity researcher discovered in mid-October. The Health...
The HHS Office for Civil Rights (OCR) unveiled two resource documents to help providers communicate telehealth privacy and security risks to patients.
The documents, entitled “Educating Patients...
Puerto Rico-based healthcare clearinghouse Inmediata Health agreed to a $1.4 million settlement to resolve a multi-state data breach investigation backed by 33 state attorneys general. Inmediata...
The Federal Bureau of Investigation (FBI) issued a public service announcement to alert the public about cybercriminals who have been targeting plastic surgery offices, surgeons, and their patients...
Revenue cycle management company Arietis Health notified more than 1.9 million individuals of a data breach stemming from the MOVEit Transfer hack. As previously reported, entities across all sectors...
The Health Sector Cybersecurity Coordination Center (HC3) issued an analyst note regarding NoEscape ransomware, a new threat to healthcare and other industries. Although just two healthcare victims...
The American Hospital Association (AHA) has urged Congress and the HHS Office for Civil Rights (OCR) to withdraw the rule related to online tracking technologies, arguing that it violates HIPAA...
Security budgets across all sectors experienced a 6 percent average security budget increase this year, compared to a 17 percent increase in the last budget cycle, a new report from IANS Research and...
Colorado Attorney General Phil Weiser reached a settlement with Broomfield Skilled Nursing and Rehabilitation Center over a 2021 data breach. According to the announcement, Broomfield allegedly failed...
Advanced email attacks remain a top threat to organizations around the world, including those in the healthcare sector, Abnormal Security observed in its latest blog post. Abnormal saw a 167 percent...