The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching. The event provides a tremendous opportunity for learning through HIPAA workforce training sessions and keynote speeches from top government officials… Read More »
Katherine Shaw Bethea (KSB) Hospital in Dixon, IL, has proposed a $380,000 settlement to resolve claims related to a September 2021 data breach at a business associate of the hospital. KSB Hospital used the Scottsbluff, NE-based healthcare accounts receivables service provider, Magnet Solutions, for billing-related services. Between September 17 and September 20, 2021, Magnet Solutions… Read More »
Multiple vulnerabilities have been identified in the popular open source electronic health record and medical practice management software, OpenEMR. OpenEMR is used by healthcare organizations around the world for recording and managing sensitive patient data, and patients used the software for scheduling appointments online, communicating with their healthcare providers, and paying medical bills. OpenEMR is… Read More »
This is the third article in the ‘Benefits of HIPAA’ series, this time around exploring how the Health Insurance Portability and Accountability Act (HIPAA) and its subsequent amendments have benefited patients. The first article in the series explored how HIPAA has benefited healthcare organizations and the second covered the key benefits of HIPAA for healthcare… Read More »
Des Plaines, IL-based Lutheran Social Services of Illinois, one of the largest providers of social services in the state, has announced that its systems were compromised and ransomware was used to encrypt files. The cyberattack was detected on January 27, 2022, and systems were taken offline to contain the attack. and third-party cybersecurity professionals were… Read More »
Earlier this month, a lawsuit was filed against The Christ Hospital in Cincinnati, OH, alleging third-party tracking code had been added to its website that was transmitting sensitive patient data to Meta and other third parties, without obtaining authorization from patients. An investigation by The Markup last summer revealed one-third of the top 100 hospitals… Read More »
While the Hive ransomware operation was infiltrating servers, exfiltrating data, and demanding ransom payments from their victims, their activities were being observed from within. The FBI has had access to Hive’s ransomware servers since July 2022 and was learning about the group’s methods and has been helping victims recover without paying the ransom. The FBI… Read More »
Blackberry has recently published its Global Threat Intelligence Report, which provides actionable and contextualized intelligence that can be used to improve cyber resilience. The report is based on data collected by Blackberry and threat intelligence provided by third parties, gathered over 90 days between September and November 2022. Throughout the reporting period, downloaders were among the… Read More »
Cybercriminals are increasingly using legitimate remote monitoring and management (RMM) software in their attacks, according to a recent joint alert from the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The campaign was first identified in October 2022 and involves callback phishing. The… Read More »
Ransomware gangs are finding it much harder to profit from their attacks as fewer victims are ransoms to obtain the decryption keys and prevent the exposure of stolen data, according to two recently released reports from the ransomware remediation firm, Coveware, and blockchain analysis firm, Chainalysis. Coveware reports that in Q1, 2019, 85% of ransomware… Read More »