Lawmakers on Wednesday grilled UnitedHealth Group CEO Andrew Witty over security lapses leading up to the Change Healthcare cyberattack and the company's handling of the incident, including the sectorwide disruption it caused and the compromise of millions of individuals' sensitive data.
The Federal Communications Commission announced Monday that it is slapping the leading U.S. cellular providers with nearly $200 million in fines for selling customers' location data to third parties without their consent, following years of warnings from lawmakers about the apparent privacy abuses.
While most healthcare sector organizations hit with ransomware attacks never imagine giving in to extortion demands, the pressures they face in dealing with the crisis often push about half of them to pay, said attorney Lynn Sessions of BakerHostetler, speaking about the firm's healthcare clients.
Island co-founder and CEO Mike Fey discusses how enterprise browsers facilitate efficient business processes through cloud integrations, safeguard sensitive data effectively and deliver a user experience tailored to the needs of business environments.
The Federal Trade Commission has finalized changes to its Health Breach Notification Rule, expanding the type of technologies that apply to regulations pertaining to non-HIPAA-regulated entities. The rule has been on the books for about 15 years, but the agency only recently began to enforce it.
Twenty-two state attorneys general and some industry groups are urging Change Healthcare's parent company and regulators to be transparent and give more financial aid to providers as the firm recovers from a highly disruptive cyberattack and the industry braces for massive breach notifications.
Kaiser Foundation Health Plan has reported to regulators a health data breach affecting 13.4 million people stemming from the previous use of web trackers. Aside from reports expected from the Change Healthcare mega hack, the incident is the largest health data breach reported so far in 2024.
A second federal judge has recommended the dismissal of a second proposed class action lawsuit against Catholic hospital chain CommonSpirit over a 2022 cyberattack and data breach that affected nearly 624,000 people. Both judges said the plaintiffs failed to show how they were harmed by the breach.
Big Blue took a big bite out of the secrets management space with its proposed buy of San Francisco-based HashiCorp, which rivals CyberArk in its ability to authenticate and authorize access to sensitive data. Will IBM double down on the privileged access market, or let the technology languish?
UnitedHealth Group's admission that information for "a substantial portion" of the American population was compromised in its Change Healthcare cyberattack sets into motion the likelihood the incident will become the largest health data breach ever reported in U.S. What other details are emerging?
Healthcare providers are prohibited from disclosing protected health information related to lawful reproductive healthcare, according to a final rule released Monday by federal regulators. The new HIPAA rule is designed to protect women who cross state lines seeking an abortion, and their providers.
The federal government is cracking down on healthcare fraud in all forms including kickbacks, lapses in cybersecurity and privacy, lack of fairness in Medicare Advantage policies, and inflated pharmacy claims. Regulatory attorney Rachel Rose outlines seven key tips for meeting compliance mandates.
The U.K. data protection agency says generative artificial intelligence developers should take steps to filter out inaccurate training data so long as their models disseminate information about people. How accurate a model must be depends on its use, the Information Commissioner's Office said.
Wiz is in advanced negotiations to buy Lacework for between $150 million and $200 million. The companies recently signed a letter of intent and are now in the midst of a comprehensive due diligence process, after which a decision will be made on whether the acquisition will go through.
The value of corporate credentials in the cybercrime market contributed to a 643% increase in data theft attacks over the past three years, cybersecurity company Kaspersky says. Malicious access brokers stole close to 400 million logins and passwords for numerous websites in the past year.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.