New York regulators are warning millions of individuals of identity theft risks involving a data theft at a medical transcriber that has now affected patients of at least two major healthcare groups, including Crouse Health and Northwell Health in the state. Lawsuits in the case are also piling up.
Federal regulators have smacked a New York medical center with an $80,000 penalty as part of a settlement for a HIPAA privacy breach involving the information of three patients that was exposed to a reporter and distributed nationally during press coverage in the early days of the COVID-19 pandemic.
New York State will soon seek public comment on sweeping new cybersecurity regulations for hospitals. The proposed rules would come with $500 million in requested funding to help the providers step up their security investments to comply with the new requirements.
The number of healthcare organizations and patients affected by a recent data theft at medical transcription firm Perry Johnson & Associates is expanding: The company now says the breach affected the sensitive information of about 9 million people.
A virtual pharmacy and mail-order prescription drug firm is notifying about 2.36 million patients of a hacking incident that compromised their sensitive information. In the past week, attorneys have filed at least six proposed federal class action lawsuits related to the breach.
McLaren Health Care is notifying nearly 2.2 million people of a data breach weeks after ransomware group Alphv/BlackCat claimed to have stolen 6 terabytes of patient records in a recent attack. In the meantime, the number of lawsuits filed against McLaren related to the incident continues to climb.
A San Diego public hospital is diverting ambulances and patients to other facilities as it is dealing with a cyberattack this week. The medical center is the latest on a growing list of regional hospitals forced to suddenly shift patients to neighboring entities due to a cybersecurity crisis.
A shared IT services provider and its five Ontario member hospitals say their recovery from a Daixin Team ransomware attack in October could last into December as the group rebuilds its IT network. Meanwhile, the outage will continue to disrupt patient services, including diagnostics and treatments.
The American Hospital Association, along with three other organizations, has filed a federal lawsuit seeking to have the U.S. Department of Health and Human Services withdraw guidance issued last year warning that the use of online trackers by hospitals potentially violates HIPAA.
For over a decade, the HIPAA Security Rule has required covered entities and business associates to engage in risk analysis and management. But due to the recent surges in data breaches within the healthcare sector, it's time to embrace an information asset-based approach to risk analysis.
The Federal Trade Commission in an amended lawsuit complaint unsealed Friday details how Idaho-based data broker Kochava allegedly violated federal law by collecting and disclosing to third parties "enormous" amounts of geolocation and other sensitive information about consumers.
President Joe Biden's recent executive order on artificial intelligence could affect the healthcare sector in an assortment of ways, such as putting checks and balances on plans to promote AI innovation and wider use of AI - while also safeguarding against potential harms to patients.
A Massachusetts-based medical management firm holds the dubious honor of being the first ransomware victim fined for a data breach by the Department of Health and Human Services. Doctor Management Group agreed to a $100,000 financial settlement and three years of HIPAA compliance monitoring.
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
Federal regulators issued new guidance materials for HIPAA-regulated entities, including a document stressing the importance of sanction policies for workforce members who violate HIPAA, plus two new resources for healthcare providers and patients regarding telehealth privacy and security risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
