A Kansas-based vendor is notifying nearly 250,000 patients that their payment card and other personal information may have been compromised in a hacking incident that dates back to 2019 and involves its colonoscopy prep kit online retail business.
Potential regulatory policy moves by the federal government could help healthcare entities dedicate more resources to bolstering their cybersecurity efforts, says Greg Garcia, executive director of cybersecurity at the Health Sector Coordinating Council.
Cybercriminals are becoming bolder in their attacks on healthcare entities and in how they're compromising patient data - and that's a very worrisome trend, says Nicholas Heesters of the Department of Health and Human Services' Office for Civil Rights.
Federal regulators have kicked off the New Year with a $16,000 HIPAA penalty against an Atlanta-based medical testing laboratory for failure to provide timely access to a patient records request. The settlement is the 43rd HHS enforcement action in these types of disputes.
In the latest legal volley between the Federal Trade Commission and Kochava, the FTC is asking a federal court to dismiss a "preemptive" lawsuit filed by the data broker last summer, weeks before the regulatory agency filed an enforcement action against the firm alleging data privacy violations.
Hackers can strike any industry, but there has been an alarming increase in targeted and successful cyberattacks in healthcare. Now, more than ever, it's essential that your healthcare organization is prepared and has strategies in place for managing data breaches. Here are seven strategies to use.
A Utah-based senior healthcare firm paid a $200,000 settlement to two state attorneys general after it delayed reporting a 2019 data breach by 10 months. The breach affected 14,500 individuals and included Social Security numbers and medical treatment information.
The prospect of class action lawsuits being filed in the aftermath of a major data breach often has more impact on breached healthcare organizations than the potential for fines and enforcement actions by government regulators, says attorney Jeff Westerman of Westerman Law Corp.
The planned merging of two health data exchange standards organizations - DirectTrust and the Electronic Healthcare Network Accreditation Commission - will help support healthcare sector efforts to advance secure health data exchange, says Scott Stuewe, CEO of DirectTrust.
A federal judge has denied granting a preliminary injunction against Meta to stop the firm's Pixel tracking code in healthcare websites from collecting and disseminating patient information for advertising. But the judge says he could change his mind as more details about patient privacy emerge.
A resurrected proposal to enhance medical device security is nestled within the 4,155-page, $1.7 trillion omnibus spending bill that the Senate passed Thursday and sent to the House for approval. Medical device makers would be required to meet cybersecurity standards and disclose vulnerabilities.
Bad hackers so often get portrayed as bombastic villains who can "hack the Gibson" while breathlessly exclaiming, "We're in!" Real-world "hack attacks" are typically much more mundane, including an alleged scheme enabling taxi drivers to jump to the head of the line at JFK Airport.
An Oklahoma-based provider of administrative and technology services to healthcare organizations is notifying more than 271,000 individuals that their personal information may have been compromised in a hacking incident involving a third-party data storage vendor.
In his latest rant, Ian Keller, the Troublemaker CISO, decries lazy and bad coding practices, mistakes CISOs may make and unwarranted CISO-blaming by the media, unanswered requests for more funding and staff - and the epic failures all these can produce when a breach happens, as it inevitably will.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.