Category Archives: Latest Posts

The Riskiest Connected Devices in Healthcare

The number of connected devices being used in hospitals continues to grow and while these devices can improve efficiency, safety, and patient outcomes, they have also substantially increased the attack surface, and many of these devices either lack appropriate security features or are not correctly configured. According to a recent Microsoft-sponsored study by the Ponemon… Read More »

Lurie Children’s Hospital Proposes Settlement to End Insider Breach Lawsuit

Ann & Robert H. Lurie Children’s Hospital has proposed a settlement to resolve a class action lawsuit filed in response to two privacy breaches involving unauthorized medical record access by employees. On November 15, 2019, the Chicago hospital discovered an employee had been impermissibly accessing patient records. The investigation determined the unauthorized access occurred between… Read More »

GoTranscript Confirmed as HIPAA Compliant

The audio transcription service provider, GoTranscript, has completed Compliancy Group’s HIPAA compliance methodology and has been confirmed as being in compliance with the HIPAA Rules. GoTranscript is an audio transcription company that was formed in 2005 in Edinburgh, Scotland. Over the past 17 years, the company has grown into a global provider of audio transcription… Read More »

Feds Issue Guidance on Responding and Reducing Impact of DDoS Attacks

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have recently issued guidance for federal and private agencies on the prevention and mitigation of distributed Denial of Service (DDoS) attacks. These attacks are conducted to overload applications and websites with traffic, thus rendering… Read More »

St. Luke’s Health Reports Third Party Data Breach

St. Luke’s Health has recently notified 16,906 patients that some of their protected health information has been exposed in a security incident at a vendor that provides consulting services. On November 5, 2021, the email accounts of two employees of Adelanto Healthcare Ventures (AHCV) were accessed by an unauthorized individual. An investigation was launched into the… Read More »