Data Breach News, Healthcare, News
December 21, 2024
104 views 2 mins 0

Ascension reveals a May ransomware attack affected 5.6 million patients (1)

It took them months to update their report, but Ascension has now disclosed how many patients were affected by a ransomware attack they disclosed earlier this year. Bleeping Computer reports: ​Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen […]

Data Breach News, Healthcare
December 18, 2024
89 views 56 secs 0

Texas Tech University System data breach impacts 1.4 million patients

Another major US hospital system recently suffered a cyberattack. Bleeping Computer reported: The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. The organization is a public, academic health institution that is part of the Texas Tech […]

Data Breach News, Healthcare, News
December 10, 2024
100 views 2 mins 0

HealthAlliance of Hudson Valley Pays $550,000 to NYS; Failed to Address a Known Cybersecurity Vulnerability

New York State Attorney General Letitia James announced another data security enforcement settlement yesterday. HIPAA Journal writes: A New York healthcare provider that experienced a breach of the personal and protected health information of 242,641 New Yorkers has been ordered to pay a financial penalty of $550,000 and take steps to strengthen its data security […]

Data Breach News, Healthcare, News
November 29, 2024
114 views 14 secs 0

Ransom gang claims attack on NHS Alder Hey Children’s Hospital; Second attack on an NHS Trust this month

No ransomware gang has claimed responsiblity for the November 21 attack on the Wirral University Teaching Hospital NHS Trust but a second attack on a children’s hospital is also causing significant problems. The Register reports: The attack on Liverpool’s Alder Hey Children’s Hospital and Liverpool Heart and Chest Hospital NHS Foundation Trust is apparently unconnected […]

Legal News, Healthcare
November 10, 2024
209 views 56 secs 0

HIPAA Gets a Potential Counterpart in HISAA

Legislation proposed in September would mandate minimum cybersecurity requirements in the healthcare sector. Kevin Wood, the Chair of Winstead’s Healthcare Industry Group, writes: …. Senators Ron Wyden (D-OR) and Mark Warner (R-VA) introduced the Health Infrastructure Security and Accountability Act (HISAA) on September 26, 2024. Like HIPAA and HITECH before it, which established minimum levels […]

Legal News, Healthcare
October 29, 2024
172 views 9 secs 0

Exemptions from the Drug Supply Chain Security Act Enhanced Drug Distribution Security Requirements

Christopher R. Smith of Epstein Becker & Green, P.C. writes: On July 12, 2024, the FDA provided small dispensers—those employing 25 or fewer full-time pharmacists or pharmacy technicians—with an exemption from the Drug Supply Chain Security Act’s (“DSCSA”) enhanced drug distribution security (“EDDS”) requirements until November 27, 2026.[1]  The FDA had previously announced a stabilization period effectively delaying […]

Data Breach News, Healthcare, Insurance News, Malware Ransomware
October 18, 2024
240 views 47 secs 0

Change Healthcare Ransomware Attack Cost to Rise to $2.87bn in 2024

The Change Healthcare ransomware attack that was first disclosed in February 2024 continues to cause problems and make headlines. HIPAA Journal reports on the financial impact: The cost of the Change Healthcare ransomware attack has risen to $2.457 billion, according to UnitedHealth Group’s Q3, 2024 earnings report.  Revenues in the third quarter increased by 9% year-over-year […]

Data Breach News, Healthcare, Vendor News
September 07, 2024
346 views 27 secs 0

Another 947K patient records found to be hacked in MOVEit breach

More than a year after other victims of the MOVEit hacking incident notified people, the the Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying people whose protected health information was acquired by the Clop gang: The MOVEit data breach may be long in the rear-view mirror, but […]