Change Healthcare - a unit of Optum that provides IT services and applications to hundreds of U.S. pharmacies, payers and healthcare providers - is dealing with a cyber incident that has forced the company to take its applications offline enterprisewide. The company said is triaging the situation.
An Arizona firm that provides administrative services to a dozen ophthalmology practices in several states is notifying nearly 2.4 million patients of a data theft incident. The hack is among the latest recent major data breaches involving vendors of critical services to healthcare firms.
A bipartisan pair of congressmen is again attempting to address long-standing issues of patient safety and privacy - as well as medical errors, inadvertent information disclosures and denied medical claims - which all occur when patients and the health records used to treat them do not match.
When a hospital or clinic is hit with a cyberattack, it often seems as if the electronic health record systems just can't win. Even if the EHR system is not the prime target of the attack, it's still frequently taken off line as the organization responds to the incident. What should entities do?
The FDA's multifaceted approach to strengthening medical device security centers on several key areas, including enhanced regulatory oversight, industry collaboration and a recent organizational change that raises the profile of the agency's device work, said the FDA's Dr. Suzanne Schwartz.
In the latest weekly update, four ISMG editors discussed the relatively low profile of cyberwarfare in recent international conflicts, the potential revival of a dormant HIPAA compliance audit program and the security implications of sovereign AI development.
An electronic health record and practice management software firm says the only way to avoid bankruptcy from the consolidation of nine proposed class action lawsuits filed in the wake of a 2022 data breach is to settle the case for $4 million.
An Oklahoma-based healthcare system is notifying 2.4 million individuals that their sensitive information was potentially compromised in an exfiltration incident last year. Cybercriminals have been attempting to extort ransom payments directly from some of those affected patients - including kids.
As U.S. federal regulators fine-tune a strategy to push the healthcare sector into strengthening its cybersecurity posture, they are dusting off a HIPAA compliance audit program that's been dormant for the last seven years. A new round of HIPAA audits for regulated entities is in the works.
Ransomware operators disrupted emergency healthcare services over the weekend, crippling operations in nearly two dozen hospitals in Romania and France. Ransomware attacks increase the in-hospital mortality rate for already-admitted patients, a recent study concluded.
A new bipartisan Senate bill would require the U.S. Department of Health and Human Services to biennially conduct cybersecurity reviews and tests on its IT systems and report to Congress on how it is updating its cybersecurity strategy to keep up with evolving cyberthreats.
The Department of Health and Human Services has finalized regulations to better align federal requirements for the confidentiality of substance use disorder records with privacy protections afforded under HIPAA. The aim is to improve care coordination while enhancing sensitive data protections.
U.S. federal authorities are again warning the healthcare sector about threats from the Akira ransomware group. The latest alert comes on the heels of several recent attacks by the gang, including one last month on Bucks County, Pennsylvania, which affected an IT system used by emergency responders.
The Biden administration's strategy for bolstering health sector cybersecurity, which includes newly released voluntary cyber performance goals and plans to update the HIPAA Security Rule, is fueling uncertainty in some organizations, said privacy attorney Iliana Peters of law firm Polsinelli.
HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013. The hospital said it has beefed up its security and privacy since the incident occurred.