A Texas federal court ruled the U.S. Department of Health and Human Services overstepped its authority in guidance warning HIPAA-regulated entities that it's unlawful to use online tracking tools to capture IP addresses in visits to websites containing information about maladies.
A Minnesota-based radiology practice is notifying more than 500,000 individuals that their information was accessed and potentially acquired by hackers. The incident is one of several major health data breaches reported by radiologists in recent months as affecting hundreds of thousands of patients.
Blackbaud will pay $6.75 million and improve its data security practices under a settlement with California's attorney general. The settlement is the latest between the fundraising software firm and state and federal regulators in the wake of a 2020 hack that compromised sensitive data of millions.
It's critical for CISOs to study what went wrong in major ransomware IT disruptions and breaches hitting the healthcare sector and to look closely within their own organizations for similar gaps or vulnerabilities, said Michael Prakhye, CISO of Adventist HealthCare.
The 2023 hack at medical transcription firm Perry Johnson & Associates, which affected dozens of clients and about 14 million individuals, triggered the largest health data breach reported to regulators last year. Now the incident appears to be under federal criminal investigation.
Two U.S. senators are demanding UnitedHealth Group report a HIPAA breach and notify affected individuals no later than June 21, alleging the company is already violating HIPAA by dragging out the notification process in the aftermath of the Feb. 21 cyberattack on Change Healthcare.
A high-ranking U.S. senator is urging the Department of Health and Human Services to get tougher on healthcare sector cyber requirements. He says its failure to regulate the cyber practices of top healthcare organizations is contributing to the "major epidemic" of attacks such as Change Healthcare.
Tens of thousands of hospitals and medical practices can breathe a little easier now. Federal regulators have given the green light for Change Healthcare to handle the breach notification to tens of millions of individuals affected in a February cyberattack. But the devil is in the details.
A Nebraska firm that provides medication benefits management and pharmacy services is notifying more than 2.8 million individuals of an October 2023 hacking incident involving the potential theft of their personal information, including Social Security numbers. Did the company pay a ransom?
More than 100 medical associations and industry groups representing tens of thousands of U.S. doctors and healthcare professionals have banded together to urge federal regulators to hold Change Healthcare responsible for breach notifications related to a massive February ransomware attack.
A Texas-based firm that provides health plan administration services is notifying more than 2.4 million individuals of a hacking incident and data theft that happened more than a year ago. Why did it take WebTPA so long to report that a breach occurred?
As the Department of Health and Human Services works on a proposed update to the HIPAA Security Rule this year, regulators are also ratcheting up enforcement efforts - including resuming long-dormant HITECH Act HIPAA audits, said Melanie Fontes Rainer, director of HHS' Office for Civil Rights.
A Texas-based operator of rehabilitation hospitals is facing multiple federal proposed class action lawsuits in the wake of an apparent ransomware attack that affected dozens of its facilities in several states, potentially compromising the sensitive information of more than 101,000 individuals.
Lawmakers on Wednesday grilled UnitedHealth Group CEO Andrew Witty over security lapses leading up to the Change Healthcare cyberattack and the company's handling of the incident, including the sectorwide disruption it caused and the compromise of millions of individuals' sensitive data.
UnitedHealth Group's admission that information for "a substantial portion" of the American population was compromised in its Change Healthcare cyberattack sets into motion the likelihood the incident will become the largest health data breach ever reported in U.S. What other details are emerging?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.