Data breaches or leaks involving health or medical data.
Supply chain attacks continue to pose a major threat to the security of sensitive data and critical systems. Five hospitals in Ontario, Canada have been struggling to function this month after a ransomware group hit their IT and services provider. DataBreaches.net broke the news when the Daixin Team revealed that they were responsible for the […]
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Doctors’ Management Services, a Massachusetts medical management company that provides a variety of services, including medical billing and payor credentialing. The HIPAA Privacy, Security, and Breach Notification […]
Several days ago, The Data Breach Times noted an article expressing concern about cybersecurity in India. That article, which referenced data from a study by Check Point, also noted that one of the main sectors being attacked during the past six months was healthcare. Data leaks due to misconfigured storage devices also continue to pose […]
Newsday reports: A Lake Success-based home health care company reached a $350,000 settlement with the state after failing to protect the health care data of more than 316,800 New Yorkers, the state attorney general said Wednesday. Personal Touch Holding Corp., which provides home health care and hospice services through subsidiary companies, had an “informal and […]
Colorado Attorney General Phil Weiser announced a settlement with Broomfield Skilled Nursing and Rehabilitation Center, LLC. The settlement arose from a 2021 data breach affecting patient and employee data. The state claimed that Broomfield violated a number of state laws that are specifically identified in the assurance of discontinuance (settlement). The following is the press […]
Bloomberg Law reports that MultiCare Health System will get another chance to avoid liability for attempts to recoup wage overpayments in litigation following a hack of its vendor timekeeping system Kronos in 2021. With the timekeeping system not functioning due to a ransomware attack, many firms wound up using old wage statements or other methods […]
Human error in configuring data storage continues to result in massive leaks or potential leaks of personal and sensitive health data. In today’s news, we learned that CrelioHealth left an Elasticsearch cluster exposed. Luckily for them, it was a whitehat researcher, Bob Diachenko of SecurityDiscovery, who spotted the problem and contacted them to alert them. […]
Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Rules with LA Care, the nation’s largest publicly operated health plan that provides health care benefits and coverage through state, federal, and commercial programs. OCR enforces the HIPAA […]
The U.S. government is struggling to convince hospitals that they need to spend time and money fighting hackers and provide useful advice to them, a problem that could have lethal consequences as the country’s ransomware crisis rages on. “I don’t think we’ve figured out how to talk to the small and medium-sized organizations in a […]
2023 Ponemon Healthcare Cybersecurity Report
In its second annual Study on Cyber Insecurity in Healthcare, Proofpoint sponsored a Ponemon survey of 653 IT and IT security practitioners to find out how much progress the industry has made in the past year. Here are just a few highlights from this year’s report: You can access the full report on Proofpoint’s website.