Category Archives: Latest Posts

Virtual 40th National HIPAA Summit – Early Bird Discount Ends 2/3

The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching. The event provides a tremendous opportunity for learning through HIPAA workforce training sessions and keynote speeches from top government officials… Read More »

Katherine Shaw Bethea Hospital Proposes $380K Settlement to Resolve Data Breach Lawsuit

Katherine Shaw Bethea (KSB) Hospital in Dixon, IL, has proposed a $380,000 settlement to resolve claims related to a September 2021 data breach at a business associate of the hospital. KSB Hospital used the Scottsbluff, NE-based healthcare accounts receivables service provider, Magnet Solutions, for billing-related services. Between September 17 and September 20, 2021, Magnet Solutions… Read More »

Multiple Vulnerabilities Identified in OpenEMR Health Record and Practice Management Software

Multiple vulnerabilities have been identified in the popular open source electronic health record and medical practice management software, OpenEMR. OpenEMR is used by healthcare organizations around the world for recording and managing sensitive patient data, and patients used the software for scheduling appointments online, communicating with their healthcare providers, and paying medical bills. OpenEMR is… Read More »

Editoirial: Benefits of HIPAA for Patients

This is the third article in the ‘Benefits of HIPAA’ series, this time around exploring how the Health Insurance Portability and Accountability Act (HIPAA) and its subsequent amendments have benefited patients. The first article in the series explored how HIPAA has benefited healthcare organizations and the second covered the key benefits of HIPAA for healthcare… Read More »

Lawsuit Alleges Christ Hospital Website Has Sent Patient Data to Meta

Earlier this month, a lawsuit was filed against The Christ Hospital in Cincinnati, OH, alleging third-party tracking code had been added to its website that was transmitting sensitive patient data to Meta and other third parties, without obtaining authorization from patients. An investigation by The Markup last summer revealed one-third of the top 100 hospitals… Read More »

Healthcare Industry Most Commonly Attacked with Downloaders and Ransomware

Blackberry has recently published its Global Threat Intelligence Report, which provides actionable and contextualized intelligence that can be used to improve cyber resilience. The report is based on data collected by Blackberry and threat intelligence provided by third parties, gathered over 90 days between September and November 2022. Throughout the reporting period, downloaders were among the… Read More »

Feds Warn of Malicious Use of RMM Software in Callback Phishing Attacks

Cybercriminals are increasingly using legitimate remote monitoring and management (RMM) software in their attacks, according to a recent joint alert from the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The campaign was first identified in October 2022 and involves callback phishing. The… Read More »

Ransomware Profits Decline as Victims Refuse to Pay Ransoms

Ransomware gangs are finding it much harder to profit from their attacks as fewer victims are ransoms to obtain the decryption keys and prevent the exposure of stolen data, according to two recently released reports from the ransomware remediation firm, Coveware, and blockchain analysis firm, Chainalysis. Coveware reports that in Q1, 2019, 85% of ransomware… Read More »