A bipartisan pair of senators have introduced the Protecting and Transforming Cyber Health Care (PATCH) Act which aims to improve the security of medical devices. Vulnerabilities are often identified in medical devices that could potentially be exploited by threat actors to change the functionality of the devices, render them inoperable, or to allows the devices… Read More »
A recent survey of healthcare providers by Software Advice provides insights into healthcare data breaches, their root causes, and the different security practices at small and large healthcare providers. The survey was conducted on 130 small practices with 5 or fewer licensed providers and 129 large practices with six or more providers to understand the… Read More »
Partnership Health Plan of California Recovering from Suspected Ransomware Attack The Fairfield, CA-based nonprofit managed care health plan, Partnership Health Plan of California (PHC), has suffered a cyberattack that has taken its IT systems out of action for more than a week. PHC started notifying regional healthcare clinics on March 21, 2022, that its IT… Read More »
Two remote code execution vulnerabilities have been identified in the Spring platform – a popular application framework that software developers use for rapidly building Java applications. Proof-of-concept exploits for both vulnerabilities are in the public domain and at least one of the vulnerabilities is being actively exploited. The first vulnerability – CVE-2022-22963 – affects Spring… Read More »
Compliancy Group has confirmed Referral Ease has implemented an effective HIPAA compliance program. Cheshire, CT-based Referral Ease was recently formed with the goal of eliminating referrals paperwork and reducing frustration and appointment-related stress for patients and healthcare professionals. The company was founded by Dr. Hugh Finch Jr. DDS, MBA, in response to the lack of a… Read More »
Network Six, a managed services provider offering information technology & cybersecurity services to businesses throughout New York and New Jersey, has recently undergone a third-party assessment and has been confirmed as having implemented the policies, procedures, and processes to comply with all appropriate provisions of the Health Insurance Portability and Accountability Act (HIPAA) Rules. The… Read More »
Spokane Regional Health District (SRHD) in Washington has once again fallen victim to a phishing attack. For the second time this year, the health district has announced patient data has potentially been compromised after an employee responded to a phishing email. On March 24, 2022, SRHD announced that its IT department discovered a compromised email… Read More »
Conti Ransomware Gang Claims Responsibility for Cyberattack on CSI Laboratories Cytometry Specialists, Inc. doing business as CSI Laboratories in Alpharetta, GA, has recently announced it was the victim of a cyberattack that was discovered on February 12, 2022. An investigation was launched which confirmed that files containing limited patient data were exfiltrated from its systems,… Read More »
Healthcare organizations and their business associates need to be HIPAA compliant, but complying with the HIPAA Rules can be a daunting task and many new businesses don’t know where to start. To help HIPAA-regulated entities get on the right track, Compliancy Group is hosting a webinar this month and will explain the ins and outs… Read More »
Articles discussing the 3 major things addressed in the HIPAA law often tend to focus on the Administrative, Physical, and Technical Safeguards of the Security Rule. However, although the Safeguards of the Security Rule are 3 things in the HIPAA law, they are not THE 3 major things addressed in the HIPAA law. When Congress… Read More »