Michigan's largest federally qualified health center, which treats homeless and underserved patients, is notifying more than 184,000 individuals of a December ransomware attack that compromised their data. The incident reflects the many challenges that under-resourced healthcare groups face.
The aftershocks of the Change Healthcare cyberattack are still reverberating through the healthcare sector nearly 60 days into the recovery process. But on Tuesday, members of Congress and industry experts grappled with how to avoid a future replay - minus a key witness: UnitedHealth Group.
The FTC has proposed restricting a mental telehealth service firm from sharing consumer data and requiring it to pay a $7 million penalty to settle allegations that the firm used online tracking tools to unlawfully disclose sensitive health information to third-party advertisers without consent.
A global law firm that provides data breach legal services has agreed to an $8 million settlement to resolve a proposed class action lawsuit filed against the firm in the aftermath of its cyberattack last year, which affected some health sector clients and nearly 638,000 individuals.
The proposed bipartisan, bicameral American Privacy Rights Act poses a variety of potential implications to the healthcare sector and other groups that handle health-related data - if the legislation gains traction in Congress and actually gets signed into law, legal experts say.
The IT services disruptions resulting from the Change Healthcare cyberattack is continuing to have a "devastating" effect on physician practices, threatening the financial viability of many and posing serious implications to patient care, said the American Medical Association in a new study.
A Wisconsin nonprofit managed care organization is notifying nearly 534,000 individuals that their protected health information was copied and stolen in a recent attack by a "foreign ransomware gang" that also attempted - but failed - to encrypt the group's IT systems.
A cyberattack on a Boston-based consulting firm that provides litigation support services to the U.S. Department of Justice in its investigations has potentially compromised Medicare numbers and other health insurance and medical information of nearly 342,000 individuals.
Robotic medical devices, such as surgical gear, offer great potential to improve patient care, but the cyber risks associated with these products must be carefully addressed, said Kevin Fu, director of the Archimedes Center for Health Care and Medical Device Cybersecurity at Northeastern University.
A second cybercriminal gang - RansomHub - is trying to shake down Change Healthcare's parent company, UnitedHealth Group, and have it pay another ransom for data that an affiliate of ransomware-as-a-service group BlackCat claims to have stolen in February. Is this the latest ruse in a messy attack?
As recovery from its Feb. 21 cyberattack continues, Change Healthcare and its parent company UnitedHealth Group are facing a growing pile of lawsuits, while health sector entities affected by the IT services disruption are dealing with a mounting stack of bills and other paperwork to catch up on.
Besides not doing cyberthreat modeling at all, some the biggest mistakes medical device manufacturers can make are starting the modeling process too late in the development phase or using it simply as a "paper weight exercise," said threat modeling expert Adam Shostack of Shostack & Associates.
What do a California cancer research center; an Indiana ear, nose and throat practice; an Oklahoma ambulance company; and a New York billing firm all have in common? They're among the latest firms to report data exfiltration breaches, which have affected millions of U.S. patients so far this year.
Federal regulators are continuing their crusade for healthcare firms to provide patients and their representatives with timely access to medical records when requested. HHS OCR recently hit two nursing home operators with fines in separate incidents involving HIPAA "right of access" disputes.
A Department of Health and Human Services division that administers funding, training and other services to children and families is putting sensitive data at high risk because of gaps in cloud security controls and practices, according to a watchdog agency report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.