The U.S. Federal Trade Commission and the Department of Health and Human Services are jointly warning dozens of hospitals and telehealth providers of potential patient data privacy and cybersecurity violations involving the use of online tracking technologies.
Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.
It's becoming more critical than ever for hospitals to have vigorous programs that continuously evaluate and address the security risks posed by third-party vendors, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Federal regulators and medical device maker Becton, Dickinson and Co. are warning about eight vulnerabilities that could allow an attacker to compromise BD's medication infusion product suite, potentially putting data and device integrity at risk if exploited.
Plaintiffs filed the first of what will likely be many more proposed class action lawsuits against HCA Healthcare just two days after the hospital chain publicly disclosed a hacking incident involving the posting of information for potentially 11 million patients on a dark web forum.
API security platforms have become an essential part of any organization's cybersecurity strategy, but with so many options available, it can be difficult to know how to choose the right one. In this article, we'll discuss how to evaluate API security platforms and what factors to consider.
Johns Hopkins University and its Johns Hopkins Health System are facing at least two proposed federal class action lawsuits filed in recent days following the institution's disclosure that it was among victims of the recent spate of hacks involving MOVEit file transfer software.
Traditional licensing models that lock organizations into fixed solutions or time periods are no longer ideal. Organizations need to consider usage-based licensing approaches that offer flexibility to deploy whatever solutions are required, wherever they are needed, for whatever length of time.
Hacking incidents, including those involving ransomware attacks or vendors, that affect tens of millions of individuals, continue to account for the majority of health data breaches reported to federal regulators so far this year. What are the other emerging breach trends?
A ransomware attack in May that and compromised the sensitive information of 319,500 individuals, including addiction treatment center patient data, has so far generated three proposed federal class action lawsuits against the Pennsylvania real estate firm that owns the medical group.
A Tennessee medical clinic and surgical center is notifying more than half a million patients and employees that their personal information may have been stolen by cybercriminals in an April cyberattack that disrupted healthcare services for several days.
Big banks want social media firms to take accountability for scams that occur on their payment platforms, but that doesn’t mean reimbursing victims. Banks need to take the lead in making victims whole quickly. And big tech and telcos need to kick the scammers out of their platforms.
A firm that provides coding and billing services to healthcare entities has agreed to pay federal regulators a $75,000 fine and implement a corrective action plan in the wake of an exfiltration incident that compromised patient data contained in an unsecured network server.
A Cleveland-based healthcare system is notifying a not-yet-disclosed number of individuals about an incident involving unauthorized medical records access by an employee that continued for 15 years. The safety-net organization says the worker has been disciplined.
A Berlin, Maryland-based hospital recently told regulators that a ransomware breach discovered in January had compromised the sensitive information of nearly 137,000 patients, about five times the number of people originally estimated as having been affected by the incident.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.