Tag: HIPAA
-
HHS OCR Fines Firm $10K in Breach Affecting 15M
HIPAA Settlement Small Compared to Many Others. U.S. federal regulators fined a dental practice software vendor with a seemingly lowball financial penalty for a high-stakes 2020 hack affecting 15 million individuals that the company failed to report. Maryland-based MMG Fusion agreed to $10,000. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hhs-ocr-fines-firm-10k-in-breach-affecting-15m-a-30938
-
HHS OCR Fines Firm $10K in Breach Affecting 15 Million
HIPAA Settlement Small Compared to Many Others. U.S. federal regulators fined a dental practice software vendor with a seemingly lowball financial penalty for a high-stakes 2020 hack affecting 15 million individuals that the company failed to report. Maryland-based MMG Fusion agreed to $10,000. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hhs-ocr-fines-firm-10k-in-breach-affecting-15-million-a-30938
-
Modernizing HIPAA: Are You Ready?
Key Challenges in the Proposed HIPAA Security Rule Update. The HIPAA Security Rule may soon undergo its first major overhaul in decades. Although finalization could come as early as May 2026, timelines remain uncertain as new requirements are grounded in modern cybersecurity practices and frameworks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/modernizing-hipaa-are-you-ready-p-4061
-
Is Outlook Email Encryption HIPAA Compliant? A Complete Guide for 2026
A practical guide to Outlook HIPAA compliance. Learn encryption requirements, configuration steps, and when to choose dedicated HIPAA email solutions. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/is-outlook-email-encryption-hipaa-compliant-a-complete-guide-for-2026/
-
Cyberattacks on Hospitals Cost Lives. Here’s How to Fight Back at Machine Speed.
Healthcare is the most targeted industry for cyberattacks, and ransomware-related delays in care have been linked to patient deaths. D3 Morpheus gives healthcare SOC teams an AI-autonomous platform that correlates alerts across the entire security stack, identifies ransomware kill chains in progress, and produces the audit-ready evidence trail that HIPAA and HITECH demand. First seen…
-
MSP Strategic Defense: Building Compliance on Dynamic Attack Surface Reduction
Tags: attack, compliance, control, cyber, defense, dora, HIPAA, insurance, ISO-27001, msp, nis-2, PCI, regulation, soc, supply-chain
Compliance expectations across SMB markets are rising as supply chain regulations and cyber insurance requirements raise the baseline for security maturity. Regulatory standards such as CIS Controls v8, the NIS2 Directive, ISO 27001, SOC 2, PCI DSS, HIPAA, Cyber Essentials, CMMC 2.0, DORA, and the Essential Eight now shape what that baseline looks…
-
How to maximize HEDIS scores with synthetic data
Accessing PHI for development and testing is often blocked by stringent HIPAA compliance requirements. Learn how synthetic data helps engineers build tools to close care gaps and improve HEDIS scores. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/how-to-maximize-hedis-scores-with-synthetic-data/
-
Feds Launch Portal to Report Substance Use Disorder Breaches
New HHS Enforcement Program Focuses on Patient Confidentiality, Aligning With HIPAA. The U.S. Department of Health and Human Services has launched a new breach reporting website and guidance materials to support its duties of enforcing compliance mandates that went into effect Monday to better align the confidentiality of substance use disorder records with the HIPAA…
-
AI Powered HIPAA Compliance Readiness Testing in Healthcare Software. A QA Leader’s Guide to Continuous Compliance
In healthcare software, quality is inseparable from compliance. A feature working as designed is not enough. Every workflow, integration, and data exchange must protect Protected… First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/02/ai-powered-hipaa-compliance-readiness-testing-in-healthcare-software-a-qa-leaders-guide-to-continuous-compliance/
-
Questions Loom Ahead of Substance Abuse Privacy Rules Shift
As the compliance deadline quickly approaches for changes to align the federal rules for the confidentiality of substance use disorder records with HIPAA, entities that participate in so-called Part 2 programs still face critical unanswered questions, said attorney Aleksandra Vold of BakerHostetler. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/questions-loom-ahead-substance-abuse-privacy-rules-shift-i-5522
-
Ambulance Billing Firm Pays $515K Fine to 2 States in Hack
Comstar Paid Feds $75K Last Year to Settle HIPAA Allegations in Same 2022 Breach. An ambulance billing and collections firm has agreed to pay $515,000 to Massachusetts and Connecticut regulators and implement a prescriptive information security program in the aftermath of a 2022 hacking incident affecting the sensitive information of nearly 350,000 residents in those…
-
Aligning Substance Use Privacy Regs With HIPAA Isn’t Simple
Revisions to 42 CFR Part 2 that go into effect soon to better align federal regulations for the confidentiality of substance use disorder records with HIPAA require entities to adjust their compliance programs. But the changes aren’t easy, said attorney David Holtzman, founder of HITprivacy LLC. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/aligning-substance-use-privacy-regs-hipaa-isnt-simple-i-5519
-
Study: Future IT Workers Would Sell Patient Data
Nearly 60% of Tech Students Said They’d Violate HIPAA If the Price Was Right. Budding IT insiders can be corrupted into giving up protected health information of a very famous patient, say State University of New York at Buffalo researchers who also found a correlation between an interest in white hat hacking and illegal breaches.…
-
Top 10 HIPAA Compliance Software Solutions
Key Takeaways: Healthcare breaches have cost an eye-watering $7.42 million per incident in 2025, and it’s not surprising that regulators are dialing up new requirements like multi-factor authentication, encryption for all ePHI, and yearly audits. Small practices may be able to get by with basic tools, but larger organizations need more robust systems. The best…
-
HHS Urges Health Sector to Harden Security of PHI, Devices
Feds Pushing HIPAA Regulated Entities to Bolster Security Risk Management. Federal regulators are advising regulated healthcare firms and their third-party vendors to harden systems, software and medical devices to better safeguard protected health information. Hardening is a necessary measure for protecting data privacy security – but also in protecting patient safety. First seen on govinfosecurity.com…
-
Anthropic brings Claude to healthcare with HIPAA-ready Enterprise tools
Anthropic is bringing Claude for healthcare, following a similar move by OpenAI for ChatGPT. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/anthropic-brings-claude-to-healthcare-with-hipaa-ready-enterprise-tools/
-
Industry Continues to Push Back on HIPAA Security Rule Overhaul
Healthcare cyberattacks are on the rise, but industry organizations say the proposed changes to the security rules fall short of what’s needed. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/industry-oppose-hipaa-security-rule-overhaul
-
Hospital Ransomware Really is The Pitt
Ransomware has become a systemic risk to healthcare, where downtime equals patient harm. From Change Healthcare to Ascension, this analysis explains why hospitals are targeted, what HIPAA really requires, and how resilience, not checklists, must drive security strategy. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/hospital-ransomware-really-is-the-pitt/
-
Compliance-Ready Cybersecurity for Finance and Healthcare: The Seceon Advantage
Tags: compliance, cybersecurity, dora, finance, framework, healthcare, HIPAA, PCI, regulation, service
Navigating the Most Complex Regulatory Landscapes in Cybersecurity. Financial services and healthcare organizations operate under the most stringent regulatory frameworks in existence. From HIPAA and PCI-DSS to GLBA, SOX, and emerging regulations like DORA, these industries face a constant barrage of compliance requirements that demand not just checkboxes, but comprehensive, continuously monitored security programs. The…
-
Empowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services
Tags: access, ai, automation, best-practice, business, cloud, compliance, computing, container, control, data, data-breach, encryption, finance, GDPR, governance, government, guide, healthcare, HIPAA, intelligence, network, oracle, PCI, resilience, risk, service, software, strategy, supply-chain, tool, zero-trust
madhav, Thu, 12/11/2025 – 06:50. In a landscape where the safeguarding of sensitive information is paramount, the collaboration between Thales and Oracle Fusion Cloud Services helps create operational independence, data sovereignty, and uncompromising control for organizations worldwide. At Thales, our…
-
Senators Reintroduce Bill to Boost Healthcare Cybersecurity
Plan Calls for Updated HIPAA Regs, Grants, Training, Enhanced Breach Reporting Data. Four U.S. lawmakers – including the chair of the Senate health, education, labor and pensions committee – are taking another stab with a bipartisan bill aimed at strengthening cybersecurity in healthcare. That includes bolstering HIPAA, and providing cyber grants and training to the…
-
How to tell if your password manager meets HIPAA expectations
Most healthcare organizations focus on encryption, network monitoring, and phishing prevention, although one simple source of risk still slips through the cracks. Password … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/08/password-manager-hipaa-compliance/

