Office for Civil Rights Announces the Release of the Security Risk Assessment (SRA) Tool
The US Department of Health and Human Services Office for Civil Rights (OCR) and the Assistant Secretary for Technology Policy (ASTP) announced the release of version 3.5 of the Security…
Read More »
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation for $90,000
The US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Bryan County Ambulance Authority (BCAA), a provider of emergency medical services in…
Read More »
HHS OCR Settles Ransomware Cybersecurity Investigation for $500,000
Today, the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Plastic Surgery Associates of South Dakota in Sioux Falls, for several…
Read More »Social Engineering: Searching for Your Weakest Link
Cyber threats targeting individuals often take the form of social engineering, where attackers attempt to convince someone to engage in actions or reveal information that can put themselves and their…
Read More »Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and…
Read More »Rhysida Leaks Nursing Home Data, Demands $1.5M from Axis
Ransomware gang Rhysida is threatening to dump data on the dark web that belongs to a Colorado provider of mental health, substance abuse and other healthcare services unless it pays…
Read More »Email Account Breaches Reported by Four HIPAA Covered Entities
Four HIPAA-covered entities have recently reported breaches of their email environments: Southern Bone & Joint Specialists in Mississippi, Connally Memorial Medical Center in Texas, Rim Country Health and Rehabilitation in…
Read More »HHS OCR Imposes $240K Civil Monetary Penalty in HIPAA Ransomware Cybersecurity Investigation
The US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $240,000 civil monetary penalty against Providence Medical Institute in Southern California, concerning potential violations…
Read More »HHS OCR Settles Ransomware Cybersecurity Investigation under HIPAA Security Rule for $250K
Today, the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Cascade Eye and Skin Centers, PC, a privately-owned healthcare provider in…
Read More »
CMS Notifies Individuals Potentially Impacted by Data Breach
The Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying people whose protected health information or other personally identifiable information (PII) may have…
Read More »