News & Analysis as of

Data Breach Healthcare Today's Popular Updates

Health Care Compliance Association (HCCA)

Privacy Briefs: July 2024

Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more

Quarles & Brady LLP

FTC Publishes Final Rule amending Health Breach Notification Rule

Quarles & Brady LLP on

The Federal Trade Commission (“FTC”) recently published its Final Rule amending the Health Breach Notification Rule (“HBNR”). The updated HBNR, which regulates entities that handle certain personal health information, other...more

Whiteford

Client Alert: What You Need to Know About the FTC’s Changes to the Health Breach Notification Rule and How to Comply

Whiteford on

The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more

Dentons

Ep. 19 - What to Do When Your Business Associate Suffers a Ransomware Attack

Dentons on

The healthcare industry remains a popular target for ransomware attacks. If you haven’t been impacted by a ransomware attack, it’s likely only a matter of time before someone you do business with or buy services from is...more

King & Spalding

FTC Announces Final Rule Sweeping Consumer Digital Health Tech Under the Health Breach Notification Rule

King & Spalding on

On April 26, the Federal Trade Commission (FTC) approved its Final Rule revising the Health Breach Notification Rule (HBNR) (“Final Rule”) by a 3-2 vote. The HBNR requires vendors of personal health records (PHR) and related...more

Wyrick Robbins Yates & Ponton LLP

Don’t Call It a Breach Rule: FTC Health Breach Notification Rule Has Been Here for Years, Now Updated to Serve as a Backdoor...

As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more

Health Care Compliance Association (HCCA)

‘I Will Not Rest’; ‘I Am All In’: Remarkable Breach Hearing Sees Pledges by UHG CEO, Sen. Wyden

United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more

Health Care Compliance Association (HCCA)

UHG’s Breach Response May Prove Enlightening for Others

Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more

Health Care Compliance Association (HCCA)

Privacy Briefs: May 2024

Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more

Seyfarth Shaw LLP

Keeping with the Times - FTC Expands Scope of Health Breach Notification Rule, Even as HHS Announces Its Own HIPAA Update

Seyfarth Shaw LLP on

On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more

Foley Hoag LLP - Security, Privacy and the...

In Wake of Healthcare System Cyberattack, 22 State Attorneys General Call for Further Action of Data Privacy

On April 25, 2024, the attorneys general of 22 states issued a letter encouraging UnitedHealth Group and its subsidiary, Change Healthcare, to take additional steps to respond to a massively disruptive cyberattack. The broad,...more

Nelson Hardiman, LLP

Hacking and Healing: Nation-States, Cyber Attacks, and Healthcare Law

Nelson Hardiman, LLP on

Modern warfare is no longer restricted to physical battlefields and professional military. Countries like North Korea and Russia have few qualms about using cyberspace to reach well beyond their physical borders to target...more

Health Care Compliance Association (HCCA)

Hackers Increasingly Leveraging Threats to Patients to Pressure Health Organizations to Pay Ransom

Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more

Paul Hastings LLP

CISA Proposes Sweeping Cybersecurity Incident Reporting for U.S. Companies

Paul Hastings LLP on

On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more

Guidepost Solutions LLC

Change Healthcare Ransomware Attack: 10 Lessons Learned

Why does it matter to you? In February of 2024, Change Healthcare, a prominent player in the healthcare industry, fell victim to a ransomware attack that sent shockwaves through its systems and networks. The incident...more

Carlton Fields

Change Healthcare Cyberattack Emphasizes Importance of Cybersecurity Readiness; Considerations for Hardening Your Cybersecurity...

Carlton Fields on

As the health care industry continues reeling from the recent Change Healthcare ransomware attack that crippled large portions of the U.S. health care system, health care providers are naturally reminded of the importance of...more

Health Care Compliance Association (HCCA)

Employees’ Misdeeds, Lack of Risk Analysis Cost NY Hospital $4.75M; OCR Issues Warning

Although the HHS Office for Civil Rights (OCR) described its recent $4.75 million agreement with a Bronx, New York, hospital as settling a “malicious insider cybersecurity investigation,” the agency considered a total of 11...more

Bradley Arant Boult Cummings LLP

Rise in Healthcare Data Breaches & the Impact for Healthcare Providers in 2024

The healthcare sector is increasingly facing cyber-threats with ransomware and hacking at the forefront. In the last five years, there has been a staggering 256% rise in significant hacking-related breaches and a 264% surge...more

Jones Day

HHS Releases Cybersecurity Performance Goals to Enhance Cybersecurity for Health Care and Public Health Sectors

Jones Day on

The Department of Health and Human Services ("HHS") has released voluntary cybersecurity performance goals for the health care and public health sectors, which outline an increasingly standardized regulatory approach and...more

Health Care Compliance Association (HCCA)

Privacy Briefs: February 2024

The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more

Mintz - Health Care Viewpoints

Health Care Privacy and Security In 2024: Six Critical Topics to Watch

As we reflect on the flurry of activity in the health care data privacy and security space in 2023 and look ahead to what will continue to be a busy 2024, we are seeing the early stages of federal agency movement to align the...more

Health Care Compliance Association (HCCA)

Privacy Briefs: January 2024

New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more

Akerman LLP - Health Law Rx

OCR Will Focus on You if You Don’t Focus on Cybersecurity

With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more

Manatt, Phelps & Phillips, LLP

Balancing New Federal & State Cyber Reporting Rules on Health Care & Financial Services Industries

Balancing cybersecurity incident disclosures has been a challenge for those in the trenches for years. That has not changed, and recent regulatory activity should not alter the challenges breach counsel confront. In short,...more

Health Care Compliance Association (HCCA)

Privacy Briefs: December 2023

Report on Patient Privacy 23, no. 12  (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more

93 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide