The National Institute of Standards and Technology (NIST) is seeking feedback on the usefulness of its Framework for Improving Critical Infrastructure Cybersecurity (NIST Cybersecurity Framework) and suggestions on any improvements that can be made. The NIST Cybersecurity Framework was released in 2014 to help public and private sector organizations implement cybersecurity standards and best practices… Read More »
Now that the build-up of Russian troops on the border of Ukraine has progressed into a full invasion, warnings have been issued about the elevated threat of cyberattacks on organizations in the United States and other countries that have imposed economic and military sanctions on Russia. Russia has a history of using destructive cyberattacks on… Read More »
Two HIPAA-regulated entities have recently started notifying individuals whose protected health information was potentially compromised in cyberattacks that occurred more than 12 months ago, including one where it took 18 months to notify affected individuals that their protected health information had been accessed and potentially acquired. Comprehensive Health Services Notifies 94,449 Patients About September 2020… Read More »
Logan Health Medical Center in Kalispell, MT, has recently started notifying certain patients that hackers gained access to a file server that housed patient information in “a highly sophisticated criminal attack.” A security breach of its information technology systems was detected on November 22, 2021, with the initial investigation confirming a hacker had breached its… Read More »
The automated insurance billing platform provider Zentist has demonstrated the company has implemented a HIPAA compliance program and is fully compliant with all appropriate provisions of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, Security Rule, Breach Notification Rule, Omnibus Rule, and the HITECH Act. The Zentist platform was developed to simplify and… Read More »
What is HIPAA? HIPAA is an acronym for the Health Insurance Portability and Accountability Act. Among other measures, the Act led to the establishment of federal standards for safeguarding patients´ “Protected Health Information” (PHI) and ensuring the confidentiality, integrity, and availability of PHI created, maintained, processed, transmitted, or received electronically (ePHI). When the Health Insurance… Read More »
Expanding security capabilities is possible with a tight budget by using free cybersecurity tools and services. Many tools and services have been developed by government agencies, the cybersecurity community, and the public and private sector that can be used to improve defenses against damaging cyberattacks, detect potential intrusions rapidly, and help organizations respond to and… Read More »
The National Cybersecurity Center of Excellence (NCCoE) has published the final version of NIST guidance on Securing Telehealth Remote Patient Monitoring Ecosystem (SP 1800-30). Healthcare delivery organizations have been increasingly adopting telehealth and remote patient monitoring (RPM) systems to improve the care they provide to patients while reducing costs. Patient monitoring systems have traditionally only… Read More »
50 healthcare data breaches of 500 or more records were reported to the HHS’ Office for Civil Rights (OCR) in January 2022. January was the second successive month where the number of reported data breaches fell, although 38.9% more breaches were reported last month than in January 2020. The protected health information of 2,304,607 individuals… Read More »
Seattle, WA-based Sea Mar Community Health Centers is facing a class action lawsuit over a cyberattack in which the protected health information of 688,000 individuals was compromised. The breach came to light in June 2021 when files stolen in the attack were posted on the Marketo dark web leak site. Databreaches.net spotted the leaked data… Read More »