Proposed federal sticks and carrots to incentivize the health sector to implement stronger cybersecurity standards are already meeting opposition from some industry groups that say financial help is welcome but payment penalties for perceived laggards likely will do more harm than good.
The 2024 Healthcare Cybersecurity Benchmarking Study — a collaboration between Censinet, KLAS, the American Hospital Association, Health-ISAC, and the Healthcare and Public Health Sector Coordinating Council — provides an overview on the state of healthcare cybersecurity preparedness, maturity, and resiliency. It...
Artificial intelligence (AI) has huge potential to transform healthcare for the better, but given AI’s unbridled adoption across the industry in just the past year alone, healthcare organizations must begin to actively manage the risks that AI presents to cybersecurity and patient safety. Based on conversations with...
As ransomware continues to threaten care operations at hospitals and health systems across the country, managing enterprise cyber risk now means managing risks to patient safety. This Solution Brief provides 5 best practices for identifying, managing, and mitigating enterprise cyber risk to help health systems...
‘Next-generation’ GRC professionals now play a pivotal role in guiding executive decisions, helping the Board understand and set cybersecurity risk tolerance levels, and working with the frontline business to decide which risks should be remediated, mitigated, or even accepted. This business-focused approach...
Revenue cycle management firm MedData has agreed to a $7 million settlement in a class action lawsuit filed after an employee inadvertently uploaded and exposed the health and personal information of about 136,000 individuals on the public-facing part of GitHub for more than a year.
Federal regulators have issued updated guidance about web trackers on patient portals or other health-related websites, saying that collecting and disclosing certain information - such as device IP addresses - does not necessarily pose HIPAA violations, under some circumstances.
A Mississippi women's health clinic has filed a proposed class action lawsuit against UnitedHealth Group alleging the disruption in claims processing caused by the cyberattack on the company's Change Healthcare unit and the resulting IT outage is threatening to push the practice into bankruptcy.
Healthcare sector organizations need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before they become potential mandates, said Kate Pierce, virtual information security officer at Fortified Heath Security.
It's critical for hospitals and other firms to not only prepare for how they will respond to a cyberattack but also to consider the regional impact if a neighboring provider of services needed in the community is disrupted by a serious cyber incident, said Margie Zuk of Mitre.
Federal regulators have informed UnitedHealth Group that they have launched a full-fledged investigation into a potential massive compromise of protected health information stemming from the Change Healthcare cyberattack. A potential PHI breach could affect tens of millions of individuals.
The Department of Health and Human Services is working on grant programs and other financial programs to help under-resourced healthcare organizations deal with the cybersecurity challenges they're facing, said La Monte Yarborough, CISO and acting deputy CIO at HHS.
The Change Healthcare attack is already providing valuable lessons to healthcare firms - mostly about the importance of resilience, especially when it comes the industry's supply chain and third parties, said Nitin Natarajan, deputy director of the Cybersecurity and Infrastructure Security Agency.
UnitedHealth Group expects some key IT systems and services affected by the recent cyberattack on its Change Healthcare unit to regain functionality over the next week to 10 days. Certain pharmacy services are already restored. But the American Medical Association is not impressed.
As the fallout continues in the Change Healthcare IT outage, the U.S. healthcare ecosystem is anticipating the next bombs to drop in what's shaping up to be the worst cyberattack the sector has experienced so far. What should entities be considering as they push forward in the recovery?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.