Federal regulators have fined a Catholic healthcare system $35,581 for HIPAA violations requiring a corrective action plan after the Pennsylvania provider impermissibly disclosed a female patient's reproductive health and other sensitive information to a prospective employer.
The U.S. Department of Health and Human Services' Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their cybersecurity risk.
An Illinois gastroenterology practice and a California pulmonary practice are among the latest medical specialty groups targeted by cybercriminals who claim to have their patients' sensitive health information. Attacks on such specialty healthcare practices appear to be rising, some experts said.
Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic. The case is the U.S. government's 51st HIPAA patient right-of-access enforcement action.
An Oklahoma hospital quickly restored its IT systems after a ransomware attack in September, but the 62-bed hospital could not recover some data and later learned that hackers may have accessed the personal information of 133,000 people. The attack is the latest involving a small rural hospital.
Ransomware group Embargo is threatening to publish nearly 1.5 terabytes of data allegedly stolen in an attack on American Associated Pharmacies, a collaborative of 2,000 independent pharmacies. The gang is shaking down AAP for the second installment of an alleged agreed-up ransom deal.
A New York state court has approved a preliminary $1.5 million settlement of a consolidated proposed class action lawsuit against One Brooklyn Health System following a November 2022 cyberattack that involved theft of sensitive health data belonging to more than 235,000 people.
President elect Donald Trump said Thursday he will nominate prominent vaccine skeptic Robert F. Kennedy Jr. as secretary to head up the U.S. Department of Health and Human Services. His stances on health information privacy, security and healthcare sector cyber matters are not well known.
Embargo, a newcomer group to the ransomware scene, is threatening to begin publishing 1.15 terabytes of data belonging to a small rural Georgia hospital and nursing home attacked last week unless a ransom is paid before Tuesday. Experts say the double extortion gang disables victims' security tools.
In the latest weekly update, ISMG editors discussed how the recent election results may reshape U.S. cybersecurity policy and healthcare privacy under HIPAA and the groundbreaking role of artificial intelligence in Google’s recent discovery of a critical zero-day vulnerability.
A hacking incident at Thompson Coburn, a national law firm based in Missouri, has affected an unspecified number of patients of a healthcare sector client, Presbyterian Healthcare Services in New Mexico. But a big unanswered question is whether other clients were affected.
With Donald Trump set to return to the White House to serve another four-year term as U.S. president, what might the healthcare sector expect to see when it comes to his next administration's cybersecurity priorities and HIPAA regulations and enforcement? Experts weigh in.
Federal regulators are again signaling that stronger cybersecurity practices could be tied to financial incentives for doctor offices that participate in Medicare. The regulatory lever may be the Centers for Medicare and Medicaid Services Merit-based Incentive Payment System.
A small community hospital and its nursing home in rural Georgia have resorted to paper charts and other manual process for patient care as they deal with a ransomware attack discovered Saturday that knocked its electronic health records and other IT systems offline.
Dr. James Breit recalled the day a hacker locked up his systems with ransomware at his plastic surgery practice. He paid $53,000 in ransom. Nearly, seven years later, after paying a $500,000 HIPAA fine, Breit claims he got better treatment from the cybercriminals than he did federal regulators.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.