DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program
Recognizing the increasing number of successful cyberattacks targeting health care organizations and their valuable patient data, the Office of the Inspector General (OIG) is calling for enhancements to the HIPAA audit...more
On December 7, 2023, OCR released a statement that it was settling a phishing cyber-attack investigation into Lafourche Medical Group (the Medical Group) which specializes in emergency medicine, occupational medicine, and...more
On November 13, 2023, Governor Kathy Hochul announced plans to regulate cybersecurity for New York general hospitals regulated under Article 28 of the Public Health Law. As proposed, the regulations will provide an additional...more
Key Points: Illumina DNA sequencing machines are vulnerable to exploitation. Both the Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have published advisories urging all...more
Privacy Briefs: June 2023 - Long-term care pharmacy network PharMerica disclosed a breach involving more than 5.8 million patients, making it the largest breach reported to the HHS Office for Civil Rights (OCR) in the last...more
Report on Patient Privacy Volume 22, Number 11. November 2022 - The second largest nonprofit hospital chain in the U.S. has been grappling with an Oct. 3 cybersecurity incident that affected facilities across the country,...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
The Department of Health and Human Services’ (HHS) Division of Critical Infrastructure Protection (CIP) issued a health care and public health sector notification this week entitled “Ransomware Activity Targeting the...more
Last week, the American Medical Association (AMA) and the American Hospital Association (AHA), recognizing the increased cybersecurity threats facing health care providers, issued joint guidance for physicians working from...more
On January 24, 2020, security analysts revealed that a data breach exposed the personal information of 30,000 medical marijuana patients across the country, including patients in Ohio. Bloom Medicinals, which operates five...more
Report on Patient Privacy 20, no. 1 (January 2020) - ? A cybersecurity breach temporarily halted cancer radiation treatment services at the Cancer Center of Hawaii on Oahu,[1] the center said. The center, which provides...more
Louisiana Governor John Bel Edwards activated the State’s cybersecurity team recently after several State offices’ computers started acting strangely. The IT team identified an intrusion of Ryuk ransomware and which programs...more
Although Amazon and Google respond to reports of vulnerabilities in popular home smart assistants Alexa and Google Home, hackers continually work hard to exploit any vulnerabilities in order to listen to users’ every word to...more
A reporter from the Philadelphia Inquirer discovered that sensitive data of hepatitis patients were accessible online through a Philadelphia Department of Public Health (DPH) website tool without the need for a password. The...more
The Federal Bureau of Investigations Internet Crime Complaint Center (IC3) recently issued a public service announcement warning private companies about the increasing numbers of ransomware attacks affecting private industry....more
There was unfortunately some bleak news out of the Department of Health & Human Services, (HHS) Office of the Inspector General (OIG) recently. The OIG recently released the results of a performance audit of the HHS’...more
Clearwater Compliance’s newest CyberIntelligence Insight Bulletin concludes that the top three cybersecurity risks for the healthcare industry, which accounts for 36.8% of reported critical risk incidents include...more
A federal judge recently held that mere allegations that a healthcare provider’s patient information portal failed to utilize sufficient security measures, without allegations of an actual breach, were insufficient to confer...more
Verizon recently issued its Protected Health Information (PHI) Data Breach Report, which is always an interesting read. Not surprisingly, Verizon’s report concludes that based upon analysis of 1,360 security incidents...more
From insulin pumps and pacemakers to defibrillators, medical devices increasingly rely on wireless and internet connectivity for efficient operations. Unfortunately, these interconnections also leave devices vulnerable to an...more
FBI Issues Flash Alert on Apache Struts Vulnerability - The Apache Struts vulnerability has been mentioned frequently in the media over the past month, as it is believed to have been involved in one of the largest and most...more