The American Hospital Association, along with three other organizations, has filed a federal lawsuit seeking to have the U.S. Department of Health and Human Services withdraw guidance issued last year warning that the use of online trackers by hospitals potentially violates HIPAA.
For over a decade, the HIPAA Security Rule has required covered entities and business associates to engage in risk analysis and management. But due to the recent surges in data breaches within the healthcare sector, it's time to embrace an information asset-based approach to risk analysis.
The Federal Trade Commission in an amended lawsuit complaint unsealed Friday details how Idaho-based data broker Kochava allegedly violated federal law by collecting and disclosing to third parties "enormous" amounts of geolocation and other sensitive information about consumers.
President Joe Biden's recent executive order on artificial intelligence could affect the healthcare sector in an assortment of ways, such as putting checks and balances on plans to promote AI innovation and wider use of AI - while also safeguarding against potential harms to patients.
A Massachusetts-based medical management firm holds the dubious honor of being the first ransomware victim fined for a data breach by the Department of Health and Human Services. Doctors Management Group agreed to a $100,000 financial settlement and three years of HIPAA compliance monitoring.
Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential-stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes at least 16 proposed federal class action lawsuits and an inquiry by a high-ranking U.S. senator.
The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report. In the lead: long-timer LockBit followed by newcomer LostTrust, with other new groups also having a notable impact.
Federal regulators issued new guidance materials for HIPAA-regulated entities, including a document stressing the importance of sanction policies for workforce members who violate HIPAA, plus two new resources for healthcare providers and patients regarding telehealth privacy and security risks.
Attorneys general across 33 states have reached settlements for three health data breaches that affected nearly 2 million people, including a $1.4 million settlement for a clearinghouse that left patient data exposed for three years. The AGs accused the firms of violating state laws and HIPAA rules.
The FBI is warning plastic surgery practices and their patients of cybercriminals targeting their sensitive health information and medical photos for extortion schemes. The alert followed recent hacking incidents at several plastic surgery practices involving data theft.
The data leak and negotiation sites for the Ragnar Locker ransomware group went offline Thursday after an international law enforcement operation, backed by the FBI and police in Europe, seized its infrastructure. Whether the disruption spells the end for Ragnar Locker remains unclear.
The number of people affected by a Tennessee cardiac care clinic hack has more than doubled to 411,000 since the healthcare group first reported the incident to regulators in July. Cybercriminal group Karakurt claimed responsibility for the attack, which has so far triggered five class action suits.
"Stop waiting; start preparing." This is the message from Robert Teague and Thomas Graham of Redspin, a division of Clearwater, regarding the U.S. Department of Defense's Cybersecurity Maturity Model Certification. CMMC is coming, they say, and now is the time to get ready.
A recent attack by a Russian ransomware-as-a-service group that stole the personal information of 2.5 million patients of McLaren Health Care has triggered at least three proposed federal class action lawsuits in recent days, claiming the healthcare company failed to protect patient privacy.
America's largest hospital lobbying group says Congress should pressure health regulators into retracting a warning that online trackers embedded into patient portals could violate medical privacy law. Sen. Bill Cassidy, R-La., is seeking feedback for potential improvements to HIPAA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.