Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure...
Arkansas Attorney General Leslie Rutledge announced this week that legal action is being taken against Country Medical Services Inc., the former operator of Eastern Ozarks Regional Health System in...
View ArticleClik here to view.
February 2022 Healthcare Data Breach Report
For the third successive month, the number of data breaches reported to the HHS’ Office for Civil Rights (OCR) has fallen. 46 healthcare data breaches of 500 or more records were reported to OCR in...
View ArticleOCR Announces 4 Financial Penalties to Resolve HIPAA Violations
The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced its first financial penalties of 2022 to resolve alleged violations of the Health Insurance Portability and...
View ArticleAudit of the Connecticut Health Insurance Exchange Uncovers 44 Unreported...
An audit of Connecticut’s Health Insurance Exchange, Access Health CT, by the state auditor has revealed Access Health CT suffered 44 data breaches over the last 3.5 years that had not been fully...
View ArticleIncrease in Class Action Lawsuits Following Healthcare Data Incidents
The law firm BakerHostetler has published its 8th Annual Data Security Incident Response (DSIR) Report, which provides insights based on 1,270 data security incidents managed by the firm in 2021. 23%...
View ArticleOn-the-spot Email Interventions Reduce Repeat Medical Record Snooping...
Immediate intervention following an instance of unauthorized access to protected health information (PHI) by a healthcare employee is 95% effective at preventing repeat offenses, according to a new...
View ArticleClik here to view.
March 2022 Healthcare Data Breach Report
For the fourth successive month, the number of reported healthcare data breaches has fallen. In March 2022, 43 healthcare data breaches of 500 or more records were reported to the U.S. Department of...
View ArticleHHS Warns HPH Sector About Insider Threats in Healthcare
Healthcare data breaches are occurring in record numbers, but not all privacy and security threats come from outside the organization. The Department of Health and Human Services’ Health Sector...
View ArticleClik here to view.
HHS Information Security Program Rated ‘Not Effective’
An audit of the Department of Health and Human Services conducted for the HHS’ Office of Inspector General (OIG) to assess compliance with the Federal Information Security Modernization Act of 2014...
View ArticleNIST Published Updated Cybersecurity Supply Chain Risk Management Guidance
On Thursday, the National Institute of Standards and Technology (NIST) published updated cybersecurity supply chain risk management (C-SCRM) guidance to help organizations develop an effective program...
View ArticleNew Framework for Assessing the Privacy, Security, and Safety of Digital...
The American College of Physicians (ACP), American Telemedicine Association (ATA), and the Organization for the Review of Care and Health Applications (ORCHA) have collaborated to produce a new...
View ArticleConnecticut Passes Comprehensive Data Privacy Law
Connecticut has joined California, Colorado, Utah, and Virginia in passing a comprehensive new data privacy law that establishes responsibilities for businesses that collect and process the personal...
View ArticleHC3 Highlights Trends in Ransomware Attacks on the HPH Sector
The tactics, techniques, and procedures (TTPs) used by ransomware and other cyber threat actors are constantly evolving to evade detection and allow the groups to conduct more successful attacks. The...
View ArticleClik here to view.
April 2022 Healthcare Data Breach Report
After four successive months of declining numbers of data breaches, there was a 30.2% increase in reported data breaches. In April 2022, 56 data breaches of 500 or more records were reported to the...
View ArticleClik here to view.
Verizon Data Breach Investigations Report Reveals 2021 Data Breach Trends
For the past 15 years, Verizon has been publishing annual Data Breach Investigation Reports (DBIR), with this year’s report confirming just how bad the past 12 months have been. Verizon described the...
View ArticleStudy Identifies Risks Associated with 3rd and 4th Party Scripts on Websites
A recent study by Source Defense examined the risks associated with the use of third- and fourth-party code on websites and found that all modern, dynamic websites included code that could be targeted...
View ArticleStudy Reveals One Third of Top 100 U.S. Hospitals are Sending Patient Data to...
An analysis of hospitals’ websites has revealed one-third of the top 100 hospitals in the United States are sending patient data to Facebook via a tracker called Meta Pixel, without apparently...
View ArticleBill Seeks to Ban Data Brokers from Selling Health and Location Data
A new bill has been introduced by Sen. Elizabeth Warren (D-MA) that seeks to ban data brokers from selling the health and location data of Americans. The bill, The Health and Location Data Protection...
View ArticleClik here to view.
May 2022 Healthcare Data Breach Report
May 2022 saw a 25% increase in healthcare data breaches of 500 or more records. 70 data breaches of 500 or more records were reported to the Department of Health and Human Services’ Office for Civil...
View ArticleMeta Sued over the Scraping of Patient Data from Hospital Websites
A lawsuit has been filed against Meta that alleges the social media giant has been knowingly collecting patient data from hospital websites via the Meta Pixel tracking tool, and in doing so has...
View Article