Federal regulators are continuing their crusade for healthcare firms to provide patients and their representatives with timely access to medical records when requested. HHS OCR recently hit two nursing home operators with fines in separate incidents involving HIPAA "right of access" disputes.
A Department of Health and Human Services division that administers funding, training and other services to children and families is putting sensitive data at high risk because of gaps in cloud security controls and practices, according to a watchdog agency report.
A federal judge has ruled to certify a "contract class" of more than 1 million CareFirst customers in a class action lawsuit claiming that the health insurer breached its contractual obligations to safeguard their data, which was accessed by hackers in a 2014 cyberattack.
Healthcare entities can easily achieve many of the cyber performance goals set by regulators if they deploy technology solutions that provide robust security by default and create an organizational culture in which security-mindedness is ingrained, said Taylor Lehmann of Google Cloud.
The National Institute of Standards and Technology's updated Cybersecurity Framework 2.0 can help healthcare organizations better formalize their governance functions to enhance their cybersecurity posture and resilience, said Robert Booker, chief strategy officer at HITRUST.
UnitedHealth Group has admitted data was "taken" in the cyberattack on Change Healthcare and has just started analyzing the types of personal, financial and health information potentially compromised. The U.S. is offering a $10 million bounty for BlackCat, which claims to have launched the attack.
The Change Healthcare attack - the most disruptive cyber incident to ever hit the U.S. healthcare ecosystem - spotlights the risks that come from relying on a handful of major suppliers, said leaders of the Health Information Sharing and Analysis Center.
Artificial intelligence (AI) has huge potential to transform healthcare for the better, but given AI’s unbridled adoption across the industry in just the past year alone, healthcare organizations must begin to actively manage the risks that AI presents to cybersecurity and patient safety. Based on conversations with...
‘Next-generation’ GRC professionals now play a pivotal role in guiding executive decisions, helping the Board understand and set cybersecurity risk tolerance levels, and working with the frontline business to decide which risks should be remediated, mitigated, or even accepted. This business-focused approach...
The 2024 Healthcare Cybersecurity Benchmarking Study — a collaboration between Censinet, KLAS, the American Hospital Association, Health-ISAC, and the Healthcare and Public Health Sector Coordinating Council — provides an overview on the state of healthcare cybersecurity preparedness, maturity, and resiliency. It...
As ransomware continues to threaten care operations at hospitals and health systems across the country, managing enterprise cyber risk now means managing risks to patient safety. This Solution Brief provides 5 best practices for identifying, managing, and mitigating enterprise cyber risk to help health systems...
As thousands of hospitals, clinics and doctor practices potentially have to notify millions of patients about the Change Healthcare breach, the American Hospital Association said the IT services firm and parent company, UnitedHealth Group, should be the sole sender of notifications.
A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.
Revenue cycle management firm MedData has agreed to a $7 million settlement in a class action lawsuit filed after an employee inadvertently uploaded and exposed the health and personal information of about 136,000 individuals on the public-facing part of GitHub for more than a year.
In the latest "Proof of Concept," panelists Sam Curry of Zscaler and Heather West of Venable LLP discuss the crucial role of explainability and transparency in artificial intelligence, especially in areas such as healthcare and finance, where AI decisions can significantly affect people's lives.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.