Michael Hamilton, CISO at security firm Critical Insight, discusses health data breach trends. The bad news: The number of major breaches reported to regulators in 2021 hit a record high. The good news: The rate of breaches reported last year compared to 2020 appears to be slowing down.
Vision benefits provider EyeMed has agreed to pay $600,000 and implement a long list of data security improvements as part of a settlement with the New York attorney general's office following a 2020 email breach that affected 2.1 million individuals, including nearly 99,000 New Yorkers.
In the midst of a global pandemic, the federal breach tally shows that a record number of major health data breaches were reported in the U.S. in 2021, and the overwhelming majority of them involved hacking/IT incidents. Will those trends continue in 2022?
A family medical practice is notifying nearly 200,000 individuals that their information was compromised in a 2020 ransomware attack on cloud hosting vendor Netgain Technology, an incident that also affected several of the vendor's other clients and hundreds of thousands of their patients.
Maryland officials confirm that a December cyberattack on the state's health department, which is still disrupting some services, involved ransomware - but that no ransom was paid. Also, lawsuits have been filed against a Florida specialty pharmacy in the wake of a November cyber incident.
Healthcare and public health sector entities must heed the warnings this week by federal authorities of Russian state-sponsored cyberthreats to critical infrastructure organizations, some experts say. Why are the stakes so high?
A proposed class action lawsuit has been filed against a practice management and electronic health records vendor in the wake of a 2021 cyberattack affecting nearly 320,000 individuals. Among other demands, the lawsuit seeks a long list of security improvements by the company.
A healthcare technology vendor is notifying dozens of its healthcare provider clients of an email security breach affecting their patients' protected health information. Experts say the incident serves as the latest reminder of the risks business associates pose to sensitive healthcare data.
A Florida public hospital system has kicked off the New Year of breaches by reporting to regulators a hacking incident detected in October that involved data exfiltration affecting the personal information of more than 1.3 million patients and employees.
Buckle up. The healthcare industry and consumers are heading into the New Year with indications of significant changes to the regulation and enforcement of health information privacy and security by the Department of Health and Human Services. What's in store?
Health technology providers - including makers of mobile health apps, personal health records, fitness devices and other related products - must keep a watchful eye on critical evolving privacy and regulatory issues in the months ahead, says attorney Brad Rostolsky of the law firm Reed Smith.
Two healthcare sector entities are in the process of notifying a total of nearly 750,000 individuals of recent hacks compromising patients' protected health information. Separately, regulators have issued HIPAA guidance pertaining to PHI disclosures involving "extreme risk" and firearms.
As the final days of 2021 near, healthcare entities in and outside the U.S. continue to deal with systems disruptions and major data breaches involving ransomware and other cyberattacks. The latest includes a hospital for women and infants in Ireland and a large specialty medical practice in Texas.
A New Jersey cancer treatment center and two of its affiliated entities have agreed to pay $425,000 and to bolster data security and privacy practices in a settlement with state regulators in the wake of two related 2019 data breaches.
An anesthesiology practice and an accounting firm are among the latest organizations reporting ransomware-related health data breaches. Meanwhile, other entities and vendors that serve the healthcare sector are dealing with their own challenges and fallout involving recent ransomware incidents.