Security Researcher Comments on HIPAA Security Rule
Security researcher Adam Shostack writes:
Australian IVF Giant Genea Discloses Cybersecurity Incident Exposing Company Data
TechNadu reports: Genea, one of Australia’s leading fertility service providers, has revealed a cybersecurity breach that disrupted patient services and raised concerns about the potential exposure of sensitive information. The company, which operates 21 clinics nationwide, confirmed the incident in a statement on its website on Wednesday. While Genea confirmed that an unauthorized party accessed its data, […]
Ascension reveals a May ransomware attack affected 5.6 million patients (1)
It took them months to update their report, but Ascension has now disclosed how many patients were affected by a ransomware attack they disclosed earlier this year. Bleeping Computer reports: Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen […]
Nebraska AG files lawsuit against Change Healthcare
It is the first lawsuit filed by a state attorney general against Change Healthcare over the February breach that affected 100,000 Americans. From the state’s December 16 press release: Download the court filing.
Texas Tech University System data breach impacts 1.4 million patients
Another major US hospital system recently suffered a cyberattack. Bleeping Computer reported: The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. The organization is a public, academic health institution that is part of the Texas Tech […]
HealthAlliance of Hudson Valley Pays $550,000 to NYS; Failed to Address a Known Cybersecurity Vulnerability
New York State Attorney General Letitia James announced another data security enforcement settlement yesterday. HIPAA Journal writes: A New York healthcare provider that experienced a breach of the personal and protected health information of 242,641 New Yorkers has been ordered to pay a financial penalty of $550,000 and take steps to strengthen its data security […]
Ransom gang claims attack on NHS Alder Hey Children’s Hospital; Second attack on an NHS Trust this month
No ransomware gang has claimed responsiblity for the November 21 attack on the Wirral University Teaching Hospital NHS Trust but a second attack on a children’s hospital is also causing significant problems. The Register reports: The attack on Liverpool’s Alder Hey Children’s Hospital and Liverpool Heart and Chest Hospital NHS Foundation Trust is apparently unconnected […]
HIPAA Gets a Potential Counterpart in HISAA
Legislation proposed in September would mandate minimum cybersecurity requirements in the healthcare sector. Kevin Wood, the Chair of Winstead’s Healthcare Industry Group, writes: …. Senators Ron Wyden (D-OR) and Mark Warner (R-VA) introduced the Health Infrastructure Security and Accountability Act (HISAA) on September 26, 2024. Like HIPAA and HITECH before it, which established minimum levels […]
Exemptions from the Drug Supply Chain Security Act Enhanced Drug Distribution Security Requirements
Christopher R. Smith of Epstein Becker & Green, P.C. writes: On July 12, 2024, the FDA provided small dispensers—those employing 25 or fewer full-time pharmacists or pharmacy technicians—with an exemption from the Drug Supply Chain Security Act’s (“DSCSA”) enhanced drug distribution security (“EDDS”) requirements until November 27, 2026.[1] The FDA had previously announced a stabilization period effectively delaying […]
Change Healthcare Ransomware Attack Cost to Rise to $2.87bn in 2024
The Change Healthcare ransomware attack that was first disclosed in February 2024 continues to cause problems and make headlines. HIPAA Journal reports on the financial impact: The cost of the Change Healthcare ransomware attack has risen to $2.457 billion, according to UnitedHealth Group’s Q3, 2024 earnings report. Revenues in the third quarter increased by 9% year-over-year […]