They’re Back? HHS OCR Is Eyeing the Return of HIPAA Audits

As US federal regulators fine-tune a strategy to push the healthcare sector into a stronger cybersecurity posture, they appear to be planning to dust off a HIPAA compliance audit program…

Read More »

Hospitals Offline across Romania Following Ransomware Attack on IT Platform

Four more Romanian hospitals were confirmed on Tuesday to have been affected by a ransomware attack against an IT platform, bringing the total to 25 facilities whose data has been…

Read More »

HHS Finalizes New Provisions to Enhance Integrated Care and Confidentiality for Patients with Substance Use Conditions

Today, the US Department of Health and Human Services, through its Office for Civil Rights (OCR) and the Substance Abuse and Mental Health Services Administration (SAMHSA), finalized modifications to the…

Read More »

HHS OCR Settles Malicious Insider Cybersecurity Investigation for $4.75 Million

Today, the US Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a settlement with Montefiore Medical Center, a non-profit hospital system based in New York…

Read More »

314,000 Patients Affected by Cyberattack on New Jersey Health System

CompleteCare Health Network, a health system serving patients in southern New Jersey, has recently confirmed that the protected health information of 313,973 patients has potentially been compromised in an October…

Read More »

Possible Threat of Unauthorized Access to HPH Organizations from Remote Access Tool

Security researchers are warning that Healthcare and Public Health (HPH) organizations that use the remote access tool ScreenConnect could be adversely affected or targeted by threat actors. The impact of…

Read More »

Merck Reaches Settlement with Insurers over $1.4 Billion NotPetya Malware Attack

The Pharmaceutical giant Merck has finally obtained a settlement with its insurance policy providers over a June 2017 cyberattack that Merck claimed resulted in $1.4 billion in damages.

Read More »

Novant Health Reaches $6.6M Settlement over Improper PHI Disclosures

Novant Health agreed to pay $6.6 million to settle a class action lawsuit surrounding improper disclosures of protected health information (PHI) due to the health system’s use of third-party tracking…

Read More »

NY AG Reaches Agreement with Healthcare Provider to Invest $1.2M to Protect Patient Data

New York Attorney General Letitia James today announced an agreement with a Hudson Valley-area healthcare provider, Refuah Health Center, Inc. (Refuah), for failing to safeguard the personal and private health…

Read More »

More Than 911,000 Individuals Affected by Ambulance Service Data Breach

Legal counsel for Transformative Healthcare, a Newton MA-based medical, transportation & logistics company, has notified the Maine Attorney General about a data breach that has affected 911,757 individuals.

Read More »