The Food and Drug Administration has issued a new best practices document for healthcare industry stakeholders and government agencies to use when communicating medical device vulnerabilities to patients and caregivers.
California is extending a waiver that was set to expire this week. Similar to action taken by federal regulators, the extended California waiver relaxes enforcement of certain privacy and security regulations related to healthcare providers that offer telehealth services.
A Philadelphia-based mental health services provider has begun to notify tens of thousands of individuals that their health and personal information was potentially viewed or stolen by hackers in a data security incident discovered more than six months ago.
Hacking incidents - especially those involving ransomware attacks and vendors - continue to rack up some of the largest victim counts in major health data breaches being reported to federal regulators in 2021. Will the trend continue?
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
The Department of Health and Human Services has named Lisa J. Pino - a former Department of Homeland Security official charged with mitigating the massive 2015 cyberattack on Office of Personnel Management - as the new director of its HIPAA enforcement agency.
For combating ransomware, doing the security basics is essential, including keeping systems updated and patched. Don't follow in the footsteps of one technology firm, which Sophos found got hit by Cring ransomware after attackers exploited ColdFusion software that hadn't been patched in 11 years.
Two proposed class action lawsuits filed this week in a California federal court allege negligence and a variety of other claims against UC San Diego Health in the wake of a phishing incident that affected nearly 496,000 individuals.
The acquisition of the SAFE Identity consortium and its trust framework by DirectTrust, best known for creating and maintaining trust frameworks for secure email messaging in healthcare, will help facilitate new secure health information exchange use cases, says DirectTrust CEO Scott Stuewe.
Two eye care entities are among the latest healthcare provider organizations recently reporting hacking breaches each affecting tens of thousands of individuals. One of the incidents involved a foiled wire transfer fraud attempt.
Alaska's Department of Health and Social Services says it is notifying "all Alaskans" that their personal and protected health information may have been compromised in a nation-state-sponsored cyberattack that was detected in May, from which the department is still recovering.
The FTC warns makers of personal health records, mobile health apps, fitness devices and a variety of similar products and services that they will face stiff civil monetary penalties for failure to comply with the commission's 12-year-old - but never-yet enforced - Health Breach Notification Rule.
While a final rule for enforcement of the 21st Century Cures Act information blocking regulations is slated to be issued this month, some regulators are still uncertain that timeline will stick, or when other related unresolved details will be disclosed.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Effectively managing the cybersecurity of thousands of medical devices takes a highly collaborative approach and "delicate balance" between IT security leaders, biomedical staff and others, say Baptist Health Care's CISO, Thad Philips, and the senior manager of the biomedical program, Tony Williams.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.