Any healthcare organization that embeds tracking technologies in its website should carefully review whether it is inadvertently violating HIPAA or other federal regulations, said Nick Heesters, senior adviser for cybersecurity at the Department of Health and Human Services' Office for Civil Rights.
The drumbeat for potential federal legislation to better protect sensitive health information - or at least new regulations - appears to be growing louder in Congress. One of the Senate's four lawmaker doctors is quizzing the healthcare industry on ways to safeguard health data.
In Part 1 of this three-part blog post, Nikko Asset Management's Marcus Rameke provides an introduction and defines the requirements for making the transformative journey to the cloud. Parts 2 and 3 will discuss more detailed aspects of making the shift to the cloud.
Federal regulators have smacked a large California health plan with a $1.3 million fine to settle potential HIPAA violations for two relatively small breaches that affected about 2,250 individuals. But officials indicate "long-standing HIPAA deficiencies" were a "systemic" problem at the insurer.
A federal judge has given the green light for attorneys to proceed with a consolidated class action lawsuit against Meta that accuses the social media giant of intercepting sensitive health information with its Pixel tracking tools used in numerous healthcare websites and patient portals.
Ransomware groups do whatever they can to pressure a victim into paying. Enter the likes of Ransomed, following in the footsteps of Alphv/BlackСat, NoEscape and Good Day-powered Cloak, all of which threaten victims with a world of General Data Protection Regulation violation pain unless they pay.
An Alabama pediatric dental practice is notifying nearly 130,000 patients that their sensitive information was compromised in a recent cyberattack. The entity appears to have potentially paid a ransom in exchange for a promise by hackers to destroy breached data without further releasing it.
The Federal Trade Commission and the Department of Health and Human Services have publicly named 130 hospitals and telehealth companies that were recently warned that the use of online tracking tools in their websites or mobile apps potentially violates federal data privacy and security regulations.
Medical device maker Medtronic MiniMed violated patient privacy by using tracking and authentication technologies such as Google Analytics and Firebase in its InPen diabetes management app and services, according to a proposed federal class action lawsuit filed this week.
A recently updated guidance document developed by an advisory group to the Department of Health and Human Services can help all types of organizations within the healthcare sector be better prepared to deal with the latest cyberthreats, said attorney David Holtzman of HITprivacy LLC.
What's behind the profusion of reported attacks involving stolen or reused strains of ransomware? Blame a variety of factors, including law enforcement crackdowns, evolving ransomware business models and at least one case of a ransomware group leader with poor morale-building skills.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
Four years ago, federal regulators started sending a message to healthcare entities about the need to give patients timely access to their health records. Insurer UnitedHealthcare, the 45th firm penalized for potential "right to access" violations, agreed to an $80,000 fine and corrective action.
AI holds great promise for certain applications in healthcare, particularly around clinical research, but security leaders - and others involved in governance within medical institutions - must be ready for the implications, said John Frushour, CISO of New York-Presbyterian Hospital.
The Food and Drug Administration's newly enhanced authority over medical device security - as granted by a funding bill signed into law last year - is "transformative" in raising the bar on what is expected from makers in their product submissions to the agency, said Dr. Suzanne Schwartz of the FDA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.