The Health Sector Coordinating Council’s (HSCC) Cybersecurity Working Group (CWG) has published an Operational Continuity-Cyber Incident (OCCI) checklist which serves as a flexible template for responding to and recovering from serious cyberattacks that cause extended system outages, such as ransomware attacks. Ransomware attacks on healthcare organizations increased significantly during the pandemic and continue to be… Read More »

Salusive Health, the developer of the myNurse platform which helps physician practices streamline disease management, has experienced a cyberattack in which patient data was compromised. In its breach notification letters to patients, Salusive Health explained that it identified unauthorized activity within its computer network on March 7, 2022, and immediately implemented containment, mitigation, and restoration… Read More »

Achieving and maintaining compliance with all provisions of the Health Insurance Portability and Accountability Act (HIPAA) Rules can be a challenge for healthcare providers, health plans, healthcare clearinghouses, and business associates of HIPAA-covered entities. Fortunately, help is at hand. On May 19, 2022, Compliancy Group will be hosting a webinar and will be sharing its… Read More »

6 data breaches have recently been reported by HIPAA-regulated entities that have collectively resulted in the exposure and potential theft of the protected health information of tens of thousands of individuals. La Casa de Salud, New York The Acacia Network, a New York City-based human services organization, has recently notified the HHS’ Office for Civil… Read More »

The Workgroup for Electronic Data Interchange (WEDI) has responded to the request for information from the National Institute of Standards and Technology (NIST) and has made several recommendations for improving the NIST cybersecurity framework and supply chain risk management guidance to help healthcare organizations deal with some of the most pressing threats facing the sector.… Read More »

The Five Eyes security agencies, an alliance of intelligence agencies from Australia, Canada, New Zealand, the United Kingdom, and the United States, have issued a joint advisory about the 15 vulnerabilities in software and operating systems that were most commonly targeted by nation-state hackers and cybercriminal organizations in 2021. Throughout 2021, malicious cyber actors targeted… Read More »

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The attackers gained access to parts of its system on April 23, 2021, that housed files that contained individuals protected health… Read More »

The five eyes cybersecurity agencies have recently issued a joint security alert warning about the threat of cyberattacks on critical infrastructure by Russian nation-state threat actors and pro-Russia cybercriminal groups. Intelligence gathered by the agencies indicates the Russian government has been exploring opportunities for conducting cyberattacks against targets in the West in retaliation for the… Read More »

The American Dental Association (ADA) suffered a cyberattack on Friday and has been forced to take many of its systems offline. The ADA website is currently available and explains that “The ADA is experiencing technical difficulties,” and that work is underway to get its systems running smoothly. While the website does not provide any further… Read More »

Arroyo Grande Dental Care has recently been confirmed as having implemented policies, procedures, and practices that met or exceeded the federally mandated standards of the Health Insurance Portability and Accountability Act (HIPAA) Rules. Dental practices are required to comply with the provisions of the HIPAA Privacy Rule, Security Rule, Omnibus Rule, Breach Notification Rule, and… Read More »