Cybercriminals claim they stole 17 million patient records from a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupting patient care since the organization was hit by a ransomware attack on Dec. 1.
New York State has levied a $550,000 fine against a healthcare group that tried - but failed - to patch a critical zero-day vulnerability in a Citrix NetScaler appliance used for telemedicine. Hackers exploited the flaw, stealing 196 gigabytes of data in an incident affecting 242,000 people.
A breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in fines and civil settlements.
Historically, IT and security teams have operated in silos, creating gaps in knowledge and response. Gen AI bridges this gap through natural language interfaces, enabling better communication and understanding between departments, said Druva CTO Stephen Manley.
The U.S. Department of Homeland Security is reportedly expanding its use of emerging surveillance tools, including drones and artificial intelligence, without proper safeguards as experts warn of potential privacy violations and risks involving facial recognition and third-party data usage.
Two data brokers pledged to stop using geolocation data gleaned from smartphones to sell services that provide a window to the intimate lives of Americans. "Surreptitious surveillance by data brokers undermines our civil liberties," an U.S. Federal Trade Commission official said.
As former director of information security and privacy at Sonesta Hotels, Michael Woodson championed a proactive approach to cybersecurity. His leadership philosophy underscores the importance of cultural transformation and continuous learning in building robust security programs.
GoodRx has reached a $25 million preliminary settlement of proposed class action litigation alleging the telehealth company violated privacy and an assortment of other laws and statutes when it previously collected and shared consumers' information with third parties through online tracking tools.
The privacy vendor market in India is evolving rapidly, as many vendors move from offering point solutions to embracing more integrated, platform solutions that can handle a broader range of privacy requirements, said Anirban Sengupta, partner, risk consulting practice with PwC.
Federal regulators have fined a Catholic healthcare system $35,581 for HIPAA violations requiring a corrective action plan after the Pennsylvania provider impermissibly disclosed a female patient's reproductive health and other sensitive information to a prospective employer.
An Illinois gastroenterology practice and a California pulmonary practice are among the latest medical specialty groups targeted by cybercriminals who claim to have their patients' sensitive health information. Attacks on such specialty healthcare practices appear to be rising, some experts said.
India's Competition Commission has fined social media conglomerate Meta over $25 million for forcing WhatsApp users to agree to a sweeping data sharing policy with other Meta platforms. The agency ordered the company to stop using users' data for online advertising on other Meta platforms.
In 2025, companies in China will face additional obligations when data protection audits become mandatory, setting a new benchmark for compliance with privacy laws. China is also expected to introduce regulations on non-personal data to establish a framework for ethical and secure data usage.
Ransomware group Embargo is threatening to publish nearly 1.5 terabytes of data allegedly stolen in an attack on American Associated Pharmacies, a collaborative of 2,000 independent pharmacies. The gang is shaking down AAP for the second installment of an alleged agreed-up ransom deal.
Zero trust, artificial-intelligence-driven security and automation tools are reshaping how organizations maintain uptime, even during a cyberattack. These advances underscore how the future of enterprise resilience is increasingly tied to advancements in cloud security.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.