A fertility testing laboratory has agreed to improve its data security practices and pay up to $1.25 million to settle a consolidated class action lawsuit filed in the wake of a 2021 ransomware attack that compromised sensitive health information of about 350,000 patients.
Google Cloud's Mandiant says its account at X, formerly Twitter, was hijacked and used to link to cryptocurrency phishing pages after an attacker guessed the account password, apparently after Twitter last year deactivated the account's SMS-based two-factor authentication, leaving it unprotected.
Cybercriminals are extorting some patients and threatening them with swatting in the wake of a recent cyberattack on a Seattle cancer center. The incident, stemming from a Citrix Bleed exploit, has triggered multiple lawsuits and affected the personal data of at least 1 million people.
Fallout is mounting, and new developments are emerging in several high-profile health data hacks. Data breaches reported in recent weeks and months at a medical transcription vendor, a hospital chain and a law firm are affecting a growing list of clients and individuals - and triggering lawsuits.
It's a new year, but federal regulators are beating an old HIPAA drum: The Department of Health and Human Services has hit a New Jersey medical practice with a $160,000 settlement in the agency's 46th enforcement action involving HIPAA complaint about right of access to health records.
An upstate New York hospital group has filed a lawsuit against cybercriminal group LockBit in a legal maneuver aimed at forcing a Boston-based cloud services firm to turn over patient data LockBit had stolen from the entities last summer and allegedly stored on the tech company's servers.
A hacking incident at a New Jersey-based vendor of artificial intelligence-enabled population health management services that involved a network server has affected more than a dozen of its healthcare clients across the country and nearly 4.5 million of their patients.
A defunct ambulance company is notifying nearly 912,000 patients and employees that their archived records were compromised in an early 2023 data theft hack. The firm previously provided emergency care in the Boston region and administrative services to affiliated transportation companies.
State regulators fined a New York hospital $300,000 to settle privacy violations related to the organization's prior use of tracking tools in its websites and patient portal. Regulators said the hospital violated HIPAA rules in sharing patient information with third parties for marketing purposes.
It's time for companies dealing with non-HIPAA-regulated health information to plan their compliance with Washington state's My Health My Data Act, which goes into effect in the new year and affects organizations that are based in other states, said attorney James Hennessy of law firm Reed Smith.
AI holds great promise for automating and improving many healthcare processes and tasks - including clinical decision support - but if some users become overly dependent on these systems, that could be potentially detrimental to patients, says attorney Lee Kim of HIMSS.
New York State regulators have smacked one of the largest dental administrators in the state with a $400,000 fine for a 2021 incident in which an attacker gained access to an employee email account containing 12 years' worth of messages, including many holding sensitive member information.
Three members of Congress are urging the Department of Health and Human Services to improve HIPAA privacy protections around pharmacy information. The request comes after the lawmakers asked major pharmacy companies how they handle law enforcement requests for patient records.
A Kentucky-based hospital chain is notifying millions of individuals that their information was potentially exfiltrated in a May attack. Russian-speaking ransomware-as-a-service group Alphv/BlackCat - which is currently reportedly undergoing its own disruptions - took credit for the data theft.
The Joint Commission is kicking off a new voluntary certification program for hospitals' "responsible use" of health data. The effort aims to help address growing privacy concerns over the secondary use of patient data by third parties for artificial intelligence initiatives and other activities.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.