An insider breach at a Florida pain management firm and an email breach at a Colorado pediatric hospital have resulted in more than $1.7 million in fines for HIPAA violations found by federal investigators. The two incidents affected fewer than 50,000 people.
The torrents of public hostility directed at health insurers in the aftermath of UnitedHealthCare CEO Brian Thompson's murder are serious signs of intensifying cyber and physical threats facing the C-suites of healthcare and many other sectors, said Chris Pierson, founder and CEO of BlackCloak.
Law enforcement investigating murder of Brian Thompson, CEO of UnitedHealthcare, are examining potential motives. But shell casings reportedly found at the crime scene spotlight one of the top motives speculated - anger over the company's alleged denial of coverage practices. Where does AI fit in?
Hackers can potentially use AI to manipulate data that's generated and shared by some health apps, diminishing the data's accuracy and integrity, said Sina Yazdanmehr and Lucian Ciobotaru of cybersecurity firm Aplite, describing a recent research project involving Google Health Connect.
GoodRx has reached a $25 million preliminary settlement of proposed class action litigation alleging the telehealth company violated privacy and an assortment of other laws and statutes when it previously collected and shared consumers' information with third parties through online tracking tools.
The Centers for Medicare and Medicaid Services has issued proposed "guardrails" to help ensure that the use of artificial intelligence for Medicare Advantage insurance plans does not result in inequitable access to healthcare-related services. The proposed rule will go into effect in 2026.
At least three National Health Service hospitals in U.K. are responding to recent cyber incidents, including a children's hospital and a heart and chest specialty hospital - both located in Liverpool - that share IT systems. INC Ransom claims to have stolen data from the two hospitals.
Thousands of unique IP addresses are potentially exposing medical devices, electronic medical records systems and other sensitive healthcare information to the internet, said security researcher Himaja Motheram of security firm Censys, which made the discovery.
Federal regulators have fined a Catholic healthcare system $35,581 for HIPAA violations requiring a corrective action plan after the Pennsylvania provider impermissibly disclosed a female patient's reproductive health and other sensitive information to a prospective employer.
The U.S. Department of Health and Human Services' Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their cybersecurity risk.
A U.K. National Heath Service teaching hospital in northwest England reported a major cyberincident on Tuesday that forced the healthcare facility to cancel outpatient appointments for the day. Maternity services, neo-natal and emergency triage are "running as normal."
An Illinois gastroenterology practice and a California pulmonary practice are among the latest medical specialty groups targeted by cybercriminals who claim to have their patients' sensitive health information. Attacks on such specialty healthcare practices appear to be rising, some experts said.
Russian-based cybercrime gang BianLian has continued to thrive since shifting from using double extortion strategies to primarily data theft last year. BianLian is the third most active ransomware gang with a penchant for healthcare, and authorities are warning that the group has adopted new TTPs.
The U.S. Department of Health and Human Services needs to take important actions to do a better job of carrying out its duties as the lead federal agency responsible for strengthening cybersecurity in the healthcare and public health sector, said a new federal watchdog agency report.
Federal regulators have fined a Los Angeles county mental health clinic $100,000 for failure to provide a patient with timely access to her requested health records during the COVID-19 pandemic. The case is the U.S. government's 51st HIPAA patient right-of-access enforcement action.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.