FBI and CISA Release Advisory on Snatch Ransomware
On September 21, 2023, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Snatch Ransomware, which provides indicators of…
Read More »Personal Information of Thousands of Imaging Vendor Patients Potentially Compromised
The imaging vendor Sanford Health uses for its mobile heart screen trucks, DMS Health Technologies, experienced a data security incident between March 27 and April 24, 2023.
Read More »OCR Presents: How the Security Rule Can Help Defend against Cyber-Attacks
The HHS Office for Civil Rights (OCR) will be producing a pre-recorded webinar for HIPAA covered entities and business associates (collectively, “regulated entities”) discussing how the Security Rule can help…
Read More »Upstate New York Nonprofit Hospitals Still Facing Issues after LockBit Ransomware Attack
Two major hospitals serving thousands in upstate New York are struggling to recover from cyberattacks that were announced last week.
Read More »California AG Announces $49M Settlement with Kaiser for Illegal Disposal of Waste and PHI
In partnership with six district attorneys, California Attorney General Rob Bonta announced a settlement with Kaiser Foundation Health Plan, Inc., and Kaiser Foundation Hospitals (collectively “Kaiser”) resolving allegations that the…
Read More »HHS OCR Settles with LA Care Health Plan over Potential HIPAA Security Rule Violations
Today, the US Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Rules…
Read More »Joint Commission Issues Alert on Patient Safety after a Cyberattack
On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,” which provides “tips on what organizations can do to prepare to…
Read More »Increasingly Common, Healthcare Cyberattacks Now Even Target Patients with Ransom
McLaren Health Care said it shut down the computer network at its 14 Michigan hospitals last week “out of an abundance of caution” after its information technology security team found…
Read More »HHS Security Risk Assessment Tool Version 3.4 and Webinars
The Office for Civil Rights (OCR) and the Office of the National Coordinator for Health Information Technology (ONC) at the US Department of Health and Human Services (HHS) are hosting…
Read More »UnitedHealthcare Pays $80K Settlement to HHS to Resolve HIPAA Matter over Medical Records Request
Today, the Office for Civil Rights (OCR) at the US Department of Health and Human Services (HHS) has announced a settlement with UnitedHealthcare Insurance Company (“UHIC”), a health insurer that…
Read More »