Tag: HIPAA
-
Sen. Warren Fires Off 175 Questions to RFK Jr. on HHS, HIPAA
by
in SecurityNews
Tags: HIPAAElizabeth Warren Letter Probes Kennedy on His Plans if Confirmed as HHS Secretary. Senate confirmation hearings have not yet been set for President Donald Trump’s pick to lead the U.S. Department of Health and Human Services. But that hasn’t stopped at least one lawmaker from already firing off an extensive list of questions to Robert…
-
Sen. Warren Fires Off 175 Questions to RFK Jr on HHS, HIPAA
by
in SecurityNews
Tags: HIPAAElizabeth Warren Letter Probes Kennedy on His Plans if Confirmed as HHS Secretary. Senate confirmation hearings have not yet been set for President Donald Trump’s pick to lead the U.S. Department of Health and Human Services. But that hasn’t stopped at least one lawmaker from already firing off an extensive list of questions to Robert…
-
Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation
by
in SecurityNewsThe proposed HIPAA Security Rule introduces mandatory measures to prevent malicious cyberattacks in health care. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/health-care-cybersecurity-2025/
-
HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare Breach
by
in SecurityNewsThe new rules come in the wake of the Change Healthcare breach, which exposed the electronic personal health information of about 100 million Americans. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/hhs-proposes-major-overhaul-of-hipaa-security-rule-in-the-wake-of-change-healthcare-breach/
-
Florida Firm Fined $337K by Feds for Data Deleted in Hack
by
in SecurityNewsBehavioral Health Company Lost Electronic PHI for Nearly 3,000 Patients in Breach. A Florida-based behavioral health holding company has paid federal regulators a $337,750 HIPAA settlement for a 2018 incident involving the deletion of electronic protected health information pertaining to nearly 3,000 patients. How should other entities avoid these data loss situations? First seen on…
-
HHS Proposes Mandating MFA, Data Encryption in HIPAA
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/hhs-proposes-mandating-mfa-data-encryption-in-hipaa
-
2 HIPAA Business Associates Pay HHS Ransomware Settlements
by
in SecurityNewsAgency Kicks Off New Year With First HIPAA Enforcement Actions, $170K in Fines. A Massachusetts firm that provides billing and other services to home health agencies and a Virginia-based data hosting and cloud provider are the latest companies paying federal regulators settlements. HHS levied $170,000 in fines following investigations into ransomware breaches. First seen on…
-
What to Know About the Proposed New HIPAA Rules
by
in SecurityNewsIf approved, the proposed new HIPAA rules will reshape the landscape of healthcare cybersecurity, partially addressing the recent OIG report’s findings on the ineffectiveness of current HIPAA audits. For CISOs, these changes present both opportunities and challenges as they work to enhance their organizations’ cybersecurity practices. The updated compliance requirements for electronic protected health information……
-
Privacy Roundup: Week 1 of Year 2025
by
in SecurityNews
Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
-
New HIPAA Cybersecurity Rules Pull No Punches
by
in SecurityNewsHealthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with new proposed rules, but not all have the budget for it. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/hipaa-security-rules-pull-no-punches
-
Proposed HIPAA Amendments Will Close Healthcare Security Gaps
by
in SecurityNews
Tags: authentication, control, cybersecurity, healthcare, HIPAA, mfa, network, privacy, regulation, threatThe changes to the healthcare privacy regulation with technical controls such as network segmentation, multi-factor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/proposed-hipaa-amendments-close-healthcare-security-gaps
-
What’s in HHS’ Proposed HIPAA Security Rule Overhaul?
by
in SecurityNewsExperts: New Mandates Could Be Difficult, Costly for Many Entities. The U.S. Department of Health and Human Services’ proposed overhaul of the 20-plus-year-old HIPAA Security Rule aims to drastically improve the state of healthcare sector cybersecurity, but the potential new requirements could mean difficult and expensive heavy lifting for many regulated entities. First seen on…
-
HIPAA to be updated with cybersecurity regulations, White House says
by
in SecurityNewsThe Biden administration is proposing an overhaul of the data security rules under the landmark Health Insurance Portability and Accountability Act (HIPAA).]]> First seen on therecord.media Jump to article: therecord.media/hipaa-cybersecurity-regulations-update
-
White House Clears HIPAA Security Rule Update
by
in SecurityNewsHHS Proposes Encryption, Security Standards for Healthcare Firms. The U.S. Department of Health and Human Services is proposing new rules for healthcare organizations that aim to bolster protections for Americans by requiring companies to encrypt sensitive patient data and conduct routine compliance evaluations amid increased threats targeting the sector. First seen on govinfosecurity.com Jump to…
-
Is Your Website Leaking Sensitive Patient Information to Facebook? A disturbing story about HIPAA (and How to Avoid It)
by
in SecurityNewsPicture this scenario: You’ve used every tool you have to secure your web pages and forms so patient information is safe. One day, a potential patient Googles “hysterectomy options” and ends up on your hospital’s website. They browse around, maybe even schedule an appointment online. You have no reason to worry, right? Because you’ve done…The…
-
ConnectOnCall data breach impacted over 900,000 individuals
by
in SecurityNewsConnectOnCall disclosed a data breach impacting over 900,000 individuals, exposing their personal information. ConnectOnCall is a telehealth platform and after-hours on-call answering service designed to enhance communication between healthcare providers and patients. It offers automated patient call tracking, HIPAA-compliant chat, and integrates with electronic health record (EHR) systems to streamline after-hours calls and care coordination.…
-
Navigating HIPAA Compliance When Using Tracking Technologies on Websites
by
in SecurityNewsWebsites have become indispensable tools for healthcare organizations to connect with patients, streamline operations, and enhance service delivery. Modern websites are composed of components that “build” unique user experiences in real time.However, the use of tracking technologies on these websites presents unique challenges in complying with the Health Insurance Portability and Accountability Act of 1996…The…
-
Unauthenticated Webpages: Hidden HIPAA Risks on Public-Facing Websites
by
in SecurityNewsWhen we think about HIPAA compliance and websites, the focus often shifts to patient portals, online scheduling systems, and other secure areas requiring user authentication. However, it’s crucial to recognize that even unauthenticated webpages, those accessible to the public without logging in, can present hidden HIPAA risks. Let’s explore these often-overlooked vulnerabilities and discuss how…The…
-
Websites and HIPAA: Navigating Online Tracking Technologies
by
in SecurityNewsToday, healthcare providers, insurers, and other HIPAA-covered entities are increasingly relying on websites to share information, engage with patients, and streamline operations. While websites offer numerous benefits, it’s crucial to understand the implications of online tracking technologies for the privacy and security of protected health information (PHI). This blog post examines the intersection of websites,…The…
-
Clearinghouse Pays $250K Settlement in Web Exposure Breach
by
in SecurityNewsInmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA Breach. A breach that exposed the personal information of nearly 1.6 million patients of a Puerto Rico-based clearinghouse has led to a $250,000 financial settlement with federal regulations for multiple HIPAA violations. The 2019 leak has cost Inmediata Health $2.7 million in…
-
Gen AI use cases rising rapidly for cybersecurity, but concerns remain
by
in SecurityNews
Tags: ai, attack, automation, awareness, ceo, ciso, compliance, control, cybersecurity, data, detection, finance, framework, fraud, GDPR, governance, grc, group, guide, Hardware, HIPAA, incident response, intelligence, international, malware, middle-east, monitoring, phishing, privacy, RedTeam, regulation, risk, risk-assessment, risk-management, soc, software, strategy, technology, threat, tool, training, usaGenerative AI is being embedded into security tools at a furious pace as CISOs adopt the technology internally to automate manual processes and improve productivity. But research also suggests this surge in gen AI adoption comes with a fair amount of trepidation among cybersecurity professionals, which CISOs must keep in mind when weaving gen AI…
-
Insider Breach, Email Attacks Net $1.7M in HIPAA Fines
by
in SecurityNewsIncidents at Pain Management Firm, Pediatric Hospital Affect 50,000 People. An insider breach at a Florida pain management firm and an email breach at a Colorado pediatric hospital have resulted in more than $1.7 million in fines for HIPAA violations found by federal investigators. The two incidents affected fewer than 50,000 people. First seen on…
-
KI-gestützte Lösung zur Verbesserung der Patientenversorgung in Senioren- und Pflegeeinrichtungen
by
in SecurityNewsDie -Lösung von Kepler Vision Technologies und Mobotix hat diese Woche ein wichtiges Upgrade erhalten. Der Mobotix-c71-Smart-Sensor erkennt jetzt Verhaltensanomalien genauer und verbessert die Genauigkeit, wodurch Fehlalarme reduziert werden. Die Nurse-Assist-Sensoren sind weiterhin GDPR- und HIPAA-konform, was die Privatsphäre der Patienten und Bewohner schützt und ihre Sicherheit gewährleistet. Nach der erfolgreichen Einführung von Nurse-Assist, der…
-
Why identity security is your best companion for uncharted compliance challenges
by
in SecurityNews
Tags: access, ai, attack, authentication, automation, business, cloud, compliance, control, cyberattack, cybersecurity, data, detection, exploit, finance, framework, GDPR, governance, government, healthcare, HIPAA, identity, india, law, least-privilege, mitigation, monitoring, privacy, regulation, risk, risk-management, service, strategy, supply-chain, technology, threat, tool, zero-trustIn today’s rapidly evolving global regulatory landscape, new technologies, environments, and threats are heightening cybersecurity and data privacy concerns. In the last year, governing bodies have taken significant steps to enact stricter compliance measures”, and more than ever, they are focusing on identity-related threats.Some notable changes include: The National Institute of Standards and Technology (NIST)…
-
Working in critical infrastructure? Boost your effectiveness with these cybersecurity certifications
by
in SecurityNews
Tags: attack, automation, awareness, china, cisa, communications, compliance, control, cyber, cybersecurity, defense, finance, germany, governance, government, healthcare, HIPAA, incident response, infrastructure, international, jobs, network, PCI, privacy, ransomware, resilience, risk, risk-management, russia, sans, service, skills, soc, supply-chain, technology, training, ukraine, update, warfareHybrid warfare between nation-states is imperilling critical infrastructure around the world, both physically and electronically. Since the start of the Ukraine-Russia conflict, hybrid cyber/physical attacks on satellite and communications, energy, transportation, water, and other critical sectors have spread across Europe and beyond.Chinese perpetrators are actively infiltrating telecommunications networks in the US and abroad, according to…
-
Watchdog Report: HHS OCR Should Beef-Up HIPAA Audit Program
by
in SecurityNewsHHS OIG: Current Audit Program Is Not Pushing Entities Enough to Improve Cyber. The U.S. Department of Health and Human Services’ Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their…