A class action lawsuit filed against Allscripts in the wake of a ransomware attack that recently disrupted patient care at hundreds of healthcare practices will spotlight a variety of critical security and legal issues, says Steven Teppler, the plaintiffs' attorney, in this in-depth interview.
In the wake of a ransomware attack that disrupted patient care services for hundreds of Allscripts' customers, a class action lawsuit has been filed against the cloud-based electronic health records vendor for allegedly "failing to secure its systems and data from cyberattacks."
The newly confirmed secretary of the Department of Health and Human Services, Alex Azar, has the potential to reset critical national healthcare priorities and policies, including those related to security and privacy. But what action will he take regarding HIPAA enforcement and other issues?
After settling a breach lawsuit for $17.2 million, Aetna has signed another large settlement related to privacy breaches involving mailings to its health plan members. The latest settlement with the New York state attorney general's office involves two mailings last year.
In separate cases, two hackers have either pleaded guilty or been sentenced to serve jail time in part for launching or facilitating DDoS attacks. One defendant, John Kelsey Gammell, was unmasked after taunting a former employer over the "ongoing IT issues" his DDoS attacks were causing.
Organizations in the Middle East and Central Asia are beginning to respond to the nuances of the evolving threat landscape in the region, says Tata Communication' Avinash Prasad in this exclusive interview.
Jason's Deli is the latest business in the hospitality or retail sector to warn that attackers used malware to steal customers' card details. The restaurant chain says 2 million payment cards were stolen from 164 restaurants during the seven-month breach.
Two men have been sentenced to serve at about six years each in U.S. federal prison after selling drugs such as marijuana and cocaine via darknet markets, including AlphaBay. The separate arrests of both defendants predate law enforcement seizing control of AlphaBay.
This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.
The Office of the National Coordinator for Health IT's new chief privacy officer, Kathryn Marchesini, has a wealth of experience. But will the Department of Health and Human Services give her the resources she needs to get the job done?
It seems like every vendor in the data security industry makes predictions this time of year. Which ones should you pay attention to? All of them, says Dan Lohrmann, who formerly served as CISO of the state of Michigan.
Mobile phone retailer Carphone Warehouse has been hit with one of the largest fines ever imposed by Britain's data privacy watchdog after an attacker breached its outdated WordPress installation, exposing 3 million customers' and 1,000 employees' personal details.
While a draft "trusted exchange framework" unveiled last week by federal regulators includes proposed components that could raise the bar for the security of health data exchange, some experts caution that elements included in the final document should not be overly prescriptive.
Under what circumstances must a U.S. healthcare provider comply with the European Union's General Data Protection Regulation, which will be enforced beginning in May? In an in-depth interview, regulatory attorney Stephen Wu explains the conditions under which compliance is required.