A malware incident involving exfiltration of data has affected more than 1.24 million patients of Texas-based Baptist Medical Center and Resolute Health Hospital. It adds to a growing list of major health data breaches reported to regulators in recent weeks as affecting millions of individuals.
Four proposed federal class action lawsuits filed in recent days against MCG Health LLC in the wake of a recently disclosed 2020 hacking incident affecting up to 1.1 million individuals allege negligence and violations of various laws by the clinical guidelines vendor.
A proposed federal class action lawsuit alleges that Facebook is unlawfully collecting "millions" of individuals' information from the websites and patient portals of "hundreds" of medical providers without the knowledge and consent of patients.
Worries among Democratic lawmakers that the U.S. Supreme Court will overturn a key abortion ruling have led Sen. Elizabeth Warren, D-Mass., to introduce legislation that would ban data brokers from selling or transferring sensitive health and location data.
Several major email breaches reported by healthcare entities in recent days and weeks have affected the health data of nearly 300,000 individuals. Experts say the incidents highlight the ongoing challenges many organization face involving phishing attacks and similar email compromises.
An Arizona medical center that suffered a ransomware attack in April has begun notifying 700,000 individuals of a data breach compromising sensitive medical and personal information. The incident is among the latest major health data breaches involving ransomware.
Federal regulators have signaled plans to release video guidance on the "recognized security practices" they will consider when taking HIPAA enforcement actions against organizations. New audio telehealth guidance was also unveiled.
A hacking incident involving data theft from a prominent provider of medical imaging services in Massachusetts has affected 2 million individuals, making it the largest health data breach reported to federal regulators so far this year. The company says the data was stolen in March.
Memo to IT administrators: Don't store data in cloud in an unsecure manner. Security researchers at Secureworks have found more than 1,200 cloud-based, unsecured Elasticsearch databases that attackers wiped, leaving only a ransom note demanding Bitcoin in return for their restoration.
Manufacturing is a huge industry with massive amounts of critical data and IoT surfaces, and it is also a lucrative target for cybercriminals. CyberEdBoard member Shankar Karthikason discusses how to secure your OT environment and build an effective cybersecurity program.
Two recent apparent ransomware attacks on health plans have potentially affected hundreds of thousands of individuals. One of the incidents allegedly involved the Conti ransomware group, and the other allegedly involved Hive. One of the health plans is already facing legal fallout.
The list of ophthalmology practices and the number of individuals affected by a December hacking incident at a cloud-based electronic health records vendor, which resulted in deleted databases, are growing as more details about the attack slowly emerge.
Auditors have once again rated the Department of Health and Human Services' information security program as "not effective," citing several areas of weaknesses, including issues related to risk management, information security continuous monitoring and contingency planning.
Recent incidents affecting the sensitive information of tens of thousands of individuals underscore the ongoing threats and risks facing organizations that handle health and other delicate personal information, including a community health center and a social services agency.
The cost of a data breach is mighty. And for healthcare entities, the cost of a HIPAA violation also can prove costly. Greg Hoffman of Paubox shares five critical steps you might be overlooking to ensure emails remain HIPAA-compliant and tells how to take compliance responsibility out of human hands.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.