Between January 1 and April 1, 2024, at least 16.6 million individuals were impacted by data breaches across the healthcare industry. Of those, 16.3 million - or 98 percent - were hacking/IT incidents according to the HIPAA Breach Report generated by the U.S. Department of Health and Human Services. The financial implications of these breaches are staggering with some industry estimates the impact to top $1 trillion.
The healthcare sector has become the most
Read More
Healthcare Cybersecurity | Healthcare Data Security | Ransomware | Hospital Security Breaches
Researchers Uncover Critical Vulnerabilities in GE HealthCare Ultrasound Systems and EchoPAC Software
What You Should Know:
- Security researchers at Nozomi Networks Labs have identified a total of 11 vulnerabilities affecting GE HealthCare's Vivid family of ultrasound machines, the accompanying Common Service Desktop web application, and EchoPAC PC software.
- These vulnerabilities could be exploited by attackers to disrupt critical medical procedures, compromise patient data privacy, and hinder accurate diagnoses.
Vulnerable Devices and Potential Impacts
Vivid T9
Read More
Ascension Investigating Cybersecurity Event Potentially Affecting Clinical Operations
What You Should Know:
- Ascension, one of the nation's largest nonprofit and Catholic health systems, announced today they are investigating a potential cybersecurity event detected on Wednesday, May 8th.
- According to a statement released by Ascension, unusual activity was identified on specific technology network systems. The nature of this activity suggests a potential cyberattack, though the investigation is ongoing.
Ascension Mitigation Efforts
Ascension has taken
Read More
Blackwell Security Raises $13M to Empower Healthcare Cybersecurity Operations
What You Should:
- Blackwell Security, a leading provider of specialized cybersecurity solutions designed for the healthcare industry raises $13M in funding co-led by General Catalyst and Rally Ventures.
- The funding will be strategically directed towards two key areas. Firstly, it will fuel the expansion of Blackwell's Managed Healthcare Extended Detection and Response (MHXDR) offering. This purpose-built solution addresses the unique complexities of healthcare data security and
Read More
Healthcare Cybersecurity: 5 Steps to Prepare for a Ransomware Attack
It's not a matter of if but when an organization will face a security incident. In 2023, the healthcare industry faced its toughest year, with over 124 million health records breached in a total of 725 hacking incidents, according to The HIPAA Journal. This trend shouldn’t come as a surprise given how hospitals and medical offices are relatively lucrative and easy targets for cyberattacks due to the combination of outsourced services and solutions, legacy systems, and varying degrees of network
Read More
FTC Strengthens Health Data Breach Notification Rule to Protect Consumers
What You Should Know:
- The Federal Trade Commission (FTC) has finalized significant changes to the Health Breach Notification Rule (HBNR), aiming to improve consumer protection in the digital age.
- These updates clarify the rule's application to modern technologies like health apps and expand the information healthcare providers must disclose in the event of a data breach.
Key Updates to Health Breach Notification Rule Summary
Focus on Health Apps and Emerging Technologies:
Read More
UnitedHealth Faces New Ransomware Threat After Alleged $22M Payment Failure
What You Should Know:
- UnitedHealth Group is embroiled in a new ransomware saga, just as it recovers from a February attack, according to a blog post from threat intelligence firm SOCRadar.
- A hacking group called RansomHub claims to possess 4 terabytes of stolen data from UnitedHealth's subsidiary, Change Healthcare and is demanding a ransom to prevent its release.
RansomHub's Demands and Allegations
This data supposedly includes the personal details and medical records of
Read More
Feds Launches Investigation of Change Healthcare Cybersecurity Attack
What You Should Know:
- The Department of Health and Human Services' Office for Civil Rights (OCR) has announced an investigation into the recent cyberattack on Change Healthcare, a subsidiary of UnitedHealth Group (UHG).
- The cybersecurity attack has significantly disrupted healthcare billing and information systems nationwide, potentially impacting patient care.
Investigation Focuses on HIPAA Compliance
The OCR enforces the Health Insurance Portability and Accountability Act
Read More
Sensitive Data Requires Great Responsibility: The Importance of ‘Privacy and Security by Design’ in Healthcare
In healthcare, sensitive data comes with great responsibility. For companies entrusted with managing and protecting patients’ personal information, ensuring the privacy of that data must be the highest priority. These companies are called to act as vigilant guardians, especially when you consider that secure and accurate data can literally save lives.
Enter the concept of 'privacy and security by design,' an approach that goes beyond merely meeting compliance standards and, instead, embedding
Read More
HIPAA Enforcement is Changing. Providers Must Too.
Healthcare delivery organizations and those working with them that are still in business are either well aware of their duties under HIPAA, work with managed service providers that understand the law well, or…are lucky to have made it this far. Even for organizations that have steered clear of both cyberattacks and regulatory fines, vigilance is essential to maintaining a clean bill of (cybersecurity) health.
With HIPAA guidance and enforcement practices shifting increasingly quickly right
Read More