The final version of the NIST Cybersecurity Practice Guide for Securing Wireless Infusion Pumps in healthcare delivery organizations prepared by the National Cybersecurity Center of…
There is a code vulnerability discovered in Qualcomm Life’s Capsule Datacaptor Terminal Server (DTS). A threat actor could remotely exploit the vulnerability to acquire administrator…
Reuters Institute at the University of Oxford did a research and discovered that there was a 22% decline in the number of tracking cookies on…
Th BD Alaris Plus medical syringe pumps has a crucial wirelessly exploitable vulnerability. When linked to a terminal server through the serial port, the medical…
Consent management platform Quantcast Choice released a report recently that pointed out that European Union (EU) domains obtain on average a consent rating of above…
Ovum performed a survey lately for analytics company FICO, which showed there was a significant increase in businesses getting cybersecurity insurance, yet the healthcare sector…
Legacy Health found an unauthorized person has obtained access to its email system as well as the protected health information (PHI) of about 38,000 patients….
Anthem Inc. offered a $115 million settlement deal in 2017 to take care of the class action legal cases submitted by the victims of a…
The Department of Health and Human Services’ Office of Inspector General (OIG) revealed the discoveries of the audit of Maryland’s Medicaid system they carried out….
Three Democrat legislators accused the Oklahoma Department of Veteran Affairs of breaking Health Insurance Portability and Accountability Act (HIPAA) Rules. They have likewise called for…
MedSpring Urgent Care is a group of critical care clinics established in Atlanta, Austin, Chicago, Fort Worth, Dallas, and Houston, which identified an unauthorized individual…
Approximately 300,000 patients from SSM Health St. Mary’s Hospital based in Jefferson City, Missouri were advised about the exposure of some of their protected health…
The HIPAA Security Rule mandates covered entities to consistently safeguard the confidentiality, integrity and availability of protected health information (PHI). The duties of healthcare companies…
This is a summing up of healthcare data breaches shared as of late to the press and the Department of Health and Human Services’ Office…
A survey conducted by the healthcare marketing agency SCOUT revealed that consumers are not as much concerned about the privacy and safety of their medical…
The protected health information (PHI) of more than 19,000 patients was compromised as a result of a mistake that a transcription service vendor made while…
A data security breach took place at Confluence Health, which is a non-profit health system operating Wenatchee Valley Hospital, Central Washington Hospital and other satellite…
According to the healthcare data breach report for June 2018, healthcare data breaches increased by 13.8% from last month. However the data breaches were not…
Two healthcare providers sent in reports of phishing attacks that granted cyber criminals access to patients’ protected health information (PHI). The attackers in both incidents…
The Golden Heart Administrative Professionals located in Fairbanks, AK serves as a business associate to local healthcare providers by providing invoicing as a service. It…
LabCorp is a clinical laboratory in the United States that had encountered a cyberattack allowing hackers to possibly view or copy the protected health information…
The email account of doctors at UMC Physicians located in Texas was attacked by hackers which brought about the likely compromise of certain protected health…
As per a report publicized in Tennessean, one of Metro Health’s personnel made a mistake causing the exposure of the protected health information (PHI) of…
Law enforcement investigated the involvement of an employee at Arkansas Children’s Hospital in the theft and improper use of patients’ protected health information (PHI). According…
Manitowoc County in Wisconsin suffered a phishing attack which resulted to protected health information (PHI) being stolen. The phishing attack most likely took place on…
The American Hospital Association (AHA) members are concerned about the proposed rule by HHS — Centers for Medicare and Medicaid Services’ hospital inpatient prospective payment…
ICS-CERT has given an announcement concerning two vulnerabilities recently discovered in Medtronic MyCareLink patient monitors. Patients who have implantable cardiac devices use these devices to…
A breach involving physical protected health information (PHI) was reported by the Associated Dermatology & Skin Cancer Clinic of Helena, MT. The PHI of 1,254…
The objective of the Overdose Prevention and Patient Safety Act (H.R. 6082) is to ease limitations on the disclosure of medical records of patients suffering…
Covered entities reported a total of 41 healthcare data breaches in April and 29 in May. Even though the healthcare data breaches decline by 29.27%…
Patients of two HIPAA-covered entities got notification letters that their protected health information (PHI) had been compromised because of burglaries. The first breach incident happened…
When healthcare companies treat patients located in the European Union and gather information from EU locals, they should follow the General Data Protection Regulation (GDPR)….
Apple presented an application programming interface (API) which app developers could use to make health apps combining patients’ EHR data. Using the Apple Health Records…
Healthcare companies could implement DMARC, the Domain-based Message Authentication, Reporting and Conformance Standard, to identify email spoofing and prevent it. The thing is only some…
Steward Healthcare System in Boston terminated Psychiatrist Alexander Lipin for purportedly violating HIPAA rules. But, Lipin rejected the accusation and professed that his dismissal was…
Carolina Insurance Data Security Act on May 14, 2018. The law is comparable to the Insurance Data Security Model law which the National Association of…
There is a provision in the 2009 Health Information Technology for Economic and Clinical Health (HITECH) Act that HIPAA violations and data breaches victims are…
April was an awful month as the healthcare market got a greater number of health data breaches and individuals affected compared to March 2018. The…
The Department of Homeland Security’s (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has published notices concerning the vulnerabilities in certain medical products manufactured…
The Government Accountability Office (GAO) lately performed an audit which revealed that patients continue to face many difficulties in obtaining copies of their health records….
On March 10, 2018, Cerebral Palsy Research Foundation of Kansas (CPRF) found out that the security defense of one of its databases was disabled for…
Capital Digestive Care, gastroenterology group based in Silver Spring, Maryland, found out the mistake made by its business associate. It seems that the BA uploaded…
The Protenus’ quarterly breach barometer report is a collection of data breach info supplied by Databreaches.net and the artificial intelligence program created by Protenus. The…
Florida Hospital uses three websites that had been infected with malware. Because of the malware attack, the threat actors potentially had access to the protected…
Wombat Security recently published Beyond the Phish Report, which revealed the lack of understanding healthcare employees on common security threats. The report was a compilation…
Patients of the Center for Orthopaedic Specialists are being notified because unauthorized individuals potentially accessed some of their protected health information (PHI) when ransomware was…
Healthcare organizations easily become victims of cyberattacks because of continually using outdated software and not patching vulnerabilities promptly. This problem is evident in the WannaCry…
The medical devices that have come out in the market have increased in the past few years. The devices have been very helpful in allowing…
The protected health information of 582,174 patients of the California Department of Developmental Services (DDS) was potentially compromised. Thieves broke into the legal and…
Chief U.S. District Judge Gina M. Groh sentenced Angela Dawn Roberts, a former employee at Berkeley Medical Center, to 5 years’ probation for being involved…
Provider group Texas Health Resources based in Arlington is notifying approximately 4,000 patients that an unauthorized person accessed some of their sensitive information. The security…
The number of SamSam ransomware attacks on government and healthcare organization increased in recent months. These incidents prompted the Department of Health and Human Service’s…
There were 10 SamSam ransomware attacks since December 2017. The attacks were mostly on government and healthcare providers in the United States. There were other…
A group of 112 hackers, penetration testers and incident responders were surveyed to find out how fast they can access a targeted system. The survey…
The Department of Health and Human Services filed a motion to dismiss the lawsuit filed by Ciox Health for lack of standing. Early this year,…
Ponemon Institute conducted a study on behalf of Merlin International involving 627 healthcare executives in the United States and found that healthcare organizations are failing…
Oregon state governor Kate Brown just signed Senate Bill (SB 1551) last month to update several regulations including Oregon’s Breach Notification Law (O.R.S. 646A.604) and…
JAMA recently published a study that highlighted the frequent improper disposal of PHI. Although the study was based in Canada, which is a location not…
Finger Lakes Health in Geneva, NY had a ransomware attack that made its computer system inaccessible. The health system did not stop its operations but…
Anomali and the National Health Information Sharing and Analysis Center (NH-ISAC) have partnered to provide threat intelligence to healthcare organizations. Anomali can help in several…
Ponemon Institute conducted a survey sponsored by Merlin International which revealed that 62% of healthcare organizations experienced data breaches in the past year resulting to…
PhishMe, which is now called Cofense, received five 2018 Cybersecurity Excellence Awards for its products that provide phishing defense solutions. Cybersecurity Insiders together with the…
The Federal Bureau of Investigation (FBI) warned businesses, educational institutions and healthcare organizations regarding the significant increase in phishing attacks on payroll employees. The phishing…
Health Net California, a provider of government employees’ benefits, has been marked as not willing to undergo security audits as per the Flash Audit Alert…
A long-time hacker was able to access medical records of close to 1,900 patients of the University of Virginia Healthcare System using malware infection. How…
The January 2018 Healthcare Data Breach report is now available. Based on the healthcare security incidents reported to the Department of Health and Human Services’…
Ayal Hassidim, MD of Hadassah Hebrew University Medical Center in Jerusalem conducted a research in collaboration with researchers from Harvard Medical School, Duke University and…
The Cyber Incident & Breach Trends Report published by Online Trust Alliance considers 2017 as the worst year ever for cybersecurity incidents. The number of…
A bipartisan team of legislators in Colorado recommended modifying its privacy and data breach notification laws for Colorado residents to obtain better security. If approved,…
Nebraska lawmakers voted 34-0 during the first round of voting on a bill introduced by Senator Adam Morfield. The bill seeks to further protect Nebraska…
Aetna took legal action against Kurtzman Carson Consultants (KCC), the administrative support company that handled the July 2017 mailing for Aetna. That mailing project resulted…
The Department of Health & Human Services (HHS) released a proposed rule that helps small businesses and self-employed workers to get less expensive health coverage….
The Health Insurance Portability and Accountability Act has no private cause of action. Because of this, patients cannot sue healthcare providers for privacy violations. But…
The healthcare security breaches in Q4 of 2017 decreased by 13%. In Q3, there were 99 data breaches reported to the Department of Health and…
The healthcare data breaches in December 2017 significantly increased by 81% from the previous month. Thirty-eight healthcare data breaches that impacted over 500 persons were…
The University of Phoenix College of Health Professions conducted a survey recently that involved 504 full time registered nurses (RNs) and administrative staff across the…
Kathryn Marchesini is the new appointed chief privacy officer at the Office of National Coordinator for Health IT (ONC). She replaced Acting Chief Privacy Officer…
The Agency for Health Care Administration in Florida discovered that an employee’s email account was accessed by an unauthorized person. The employee got a malicious…
The non-profit health system SSM Health based in St. Louis, MO discovered the unauthorized access of patient health records by a former employee. The former…
In the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) newsletter issued last December, travelling healthcare professionals were given recommendations to…
The University of Rochester Medicine’s Jones Memorial Hospital in Wellsville, New York experienced an unexpected downtime because of a cyberattack on December 27, 2017. The…
A serious WannaCry ransomware attack occurred in May 2017. The hackers exploited vulnerabilities in the UK’s National Health Service (NHS) systems. They installed their malicious…
Ponemon Institute conducted a study on current endpoint security trends. Two of the threats that need to be dealt with are ransomware and fileless malware…
Columbus Surgery Center, LLC and Eye Physicians, P.C in Columbus, Nebraska were attacked by ransomware resulting in the potential protected health information exposure of about…
NYU Langone Health System Data Breach A binder that contained a log of presurgical insurance authorizations from NYU Langone Health System was mistakenly recycled by…
Twenty one reports of healthcare data breaches with over 500 affected individuals were submitted to the U.S. Department of Health and Human Services’ Office for…
HIMSS Analytics conducted a study for email security firm Mimecast. The survey results showed that 78% of healthcare organizations had been attacked by ransomware or…
Chicago’s Sinai Health System was compromised when two of its employees’ email accounts were involved in a phishing attack. The phishing incident that took place…
The American Hospital Association (AHA) wrote a letter to the House Ways and Means Health Subcommittee concerning how the Congress can help lessen the regulatory…
As reported by cloud threat defense firm RedLock, the number of misconfigured cloud services is growing. Some of the incidents that had been reported include…
Much of the healthcare industry now use secure cloud storage services to store files of electronic protected health information (ePHI) and to host web applications….
Some physical files of medical records from Women’s Health Consultants in South Whitehall Township and Hanover Township, PA were dumped in a recycling center in…
Another unencrypted laptop got stolen from an employee of Rocky Mountain Health Care Services of Colorado Springs. This is the second time that a similar…
The protected health information of 1,200 UPMC Susquehanna patients has potentially been exposed to unauthorized persons. UPMC Susquehanna is a network of hospitals and medical…
The state of New York will introduce the SHIELD Act, which stands for Stop Hacks and Improve Electronic Data Security Act. This law requires all…
Patients of Cook County Health and Hospitals System received notification of a breach of their protected health information. Two hospitals and about a dozen community…
Earlier this month, the Secretary of the U.S. Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in…
Protenus-an organisation dedicated to patient privacy monitoring of electronic health records-has released its Breach Barometer report. The report shows there was a significant increase in…
Amida Care-a not-for-profit community healthcare service based in New York-has reported a HIPAA breach to the Office of Civil Rights (OCR). Their initial report reveals…
In the third quarter of 2017, Q3, 2017, HIPPA covered entities reported 99 breaches of healthcare data, each involving more than 500 records, reported to…