Security

Change Healthcare
Cybersecurity In Focus
A year since the Change Healthcare breach, what have we learned?
By Mike Miliard | 12:09 pm | February 06, 2025
Even as the number of impacted individuals has been again revised upward, industry leaders say there are silver-lining lessons to learn from the incident about security frameworks, third-party risk and basic cyber hygiene.
Dark monitors on a desk and more on a dresser
Brain Cipher begins to leak stolen Rhode Island data
By Andrea Fox | 02:36 pm | December 31, 2024
Protected health information from Ocean State's online health and human services platform may be part of the cache of personal data posted to the dark web.
server room
Top 15 largest U.S. healthcare provider data breaches of 2024
By Andrea Fox | 06:22 pm | December 30, 2024
It was another record-breaking year for healthcare cyberattacks, and healthcare providers' network servers were again prime targets for hackers.
HHS building
Cybersecurity In Focus
HHS releases notice of HIPAA Security Rule update
By Andrea Fox | 11:41 am | December 30, 2024
The agency seeks to make its first HIPAA Security Rule update since 2013 to clarify what health plans, healthcare clearinghouses, providers and their business associates must do to protect the security of electronic protected health information.
The U.S. Capitol, Washington, D.C.
Senators intro bipartisan bill to bolster healthcare cybersecurity
By Mike Miliard | 12:04 pm | November 27, 2024
The Health Care Cybersecurity and Resiliency Act of 2024 would provide grants to help healthcare organizations strengthen prevention and response - and push for better coordination between HHS and CISA.
HHS building
OCR's HIPAA audit program lacked mettle, OIG says
By Andrea Fox | 11:46 am | November 27, 2024
The Office of Civil Rights could have initiated follow-up after discovering security flaws, but "rarely initiated these reviews when it identified serious compliance issues," according to the HHS inspector general's audit program review.
U.S. Department of Homeland Security seal
DHS intros framework for AI safety and security, in healthcare and elsewhere
By Mike Miliard | 10:56 am | November 15, 2024
The U.S. Department of Homeland Security sees three areas of concern as artificial intelligence is used across critical infrastructure sectors: attacks using AI, attacks targeting AI systems and design, and implementation failures.
HIT professional reviews information on a laptop outside a server room
ASPR seeks feedback on public health orgs' cybersecurity needs
By Andrea Fox | 11:41 am | November 13, 2024
The Administration for Strategic Preparedness and Response will be surveying agencies to assess the readiness of state, local, tribal and territorial public health organizations to manage cyber threats and gauge their needs for support.
Hand over laptop keyboard
Cyberattack roundup: Ransomware hits Georgia hospital and Colorado pathology services
By Andrea Fox | 12:02 pm | November 06, 2024
Also: Kaiser Permanente reported that an unauthorized party gained access to the email accounts of two workforce members and viewed patient health information. 
Greg Garcia of HSCC at the HIMSS Healthcare Cybersecurity Forum
Work like 'a beehive, an ant colony' to protect against cyber intruders
By Mike Miliard | 11:15 am | October 31, 2024
At the HIMSS Healthcare Cybersecurity Forum on Thursday, leaders from the Health Sector Coordinating Council offered advice for a collaborative layered defense to help health systems bolster responsiveness and stabilize their security postures.