Tag: HIPAA
-
Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers
by
in SecurityNewsRegulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security…
-
HHS Investigators Get New Mission Under Trump: Root Out DEI
by
in SecurityNewsStretched Agency Must Balance HIPAA Enforcement With Policing DEI in Healthcare. HHS investigators charged with protecting the civil rights and privacy of patients are now assigned to finding and stamping out diversity, equity and inclusion programs at universities and hospitals, with DEI now deemed discriminatory under the Trump administration. First seen on govinfosecurity.com Jump to…
-
Mangelhafte Cybersicherheit im Gesundheitswesen
by
in SecurityNews
Tags: access, ai, chatgpt, compliance, cyberattack, cyersecurity, data, endpoint, exploit, HIPAA, insurance, ransomware, resilience, risk, service, usa, vpn, vulnerability, vulnerability-management, windows15 Prozent der Endgeräte im Gesundheitssektor haben keine oder nicht-Ă¼bereinstimmente Sicherheits- und Risikokontrollen.Laut dem aktuellen Horizon Report 2025 wurden im Jahr 2024 weltweit 183 Millionen Patientendaten kompromittiert. Das ist ein Anstieg von neun Prozent im Vergleich zum Vorjahr. Doch weshalb fällt es fĂ¼r Gesundheitseinrichtungen so schwer, sich ausreichend vor Ransomware-Angriffen zu schĂ¼tzen?Um das herauszufinden, hat…
-
Proactive Security: Navigating HIPAA’s Proposed Risk Analysis Updates
by
in SecurityNewsNOTE: This article discusses proposed changes to existing regulations. These changes are not in effect as of this article’s date… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/proactive-security-navigating-hipaas-proposed-risk-analysis-updates/
-
SIEM-Kaufratgeber
by
in SecurityNews
Tags: access, ai, api, business, cloud, compliance, container, cyberattack, data, detection, DSGVO, encryption, framework, HIPAA, infrastructure, least-privilege, mail, microsoft, mitre, ml, monitoring, open-source, saas, service, siem, skills, soar, software, threat, toolDie kontextuellen Daten, die SIEM-Lösungen liefern, sind eine grundlegende Komponente moderner Security-Stacks.Protokoll-Daten zu auditieren, zu Ă¼berprĂ¼fen und zu managen, ist alles andere als eine glamouröse Aufgabe aber ein entscheidender Aspekt, um ein sicheres Unternehmensnetzwerk aufzubauen. SchlieĂŸlich schaffen Event Logs oft eine sekundäre Angriffsfläche fĂ¼r Cyberkriminelle, die damit ihre Aktivitäten verschleiern wollen.Vorgängen wie diesen treten Netzwerksicherheitsexperten…
-
Groups Call for Trump to Rescind Proposed HIPAA Rule Update
by
in SecurityNewsHealth Industry Associations Complain That Proposed Cyber Mandates Are ‘Staggering’. Seven major healthcare industry groups are urging the Trump administration to rescind a proposed update to the HIPAA security rule issued at the end of the Biden administration. The costs and regulatory burden to comply would be staggering to the healthcare sector, they said. First…
-
Die besten DAST- & SAST-Tools
by
in SecurityNews
Tags: access, ai, api, application-security, authentication, awareness, cloud, cyberattack, cybersecurity, docker, framework, HIPAA, injection, PCI, rat, risk, risk-management, service, software, sql, supply-chain, tool, vulnerability, vulnerability-managementTools fĂ¼r Dynamic und Static Application Security Testing helfen Entwicklern, ihren Quellcode zu härten. Wir zeigen Ihnen die besten Tools zu diesem Zweck.Die Softwarelieferkette respektive ihre Schwachstellen haben in den vergangenen Jahren fĂ¼r viel Wirbel gesorgt. Ein besonders schlagzeilenträchtiges Beispiel ist der Angriff auf den IT-Dienstleister SolarWinds, bei dem mehr als 18.000 Kundenunternehmen betroffen waren.…
-
Will DOGE Access to CMS Data Lead to HIPAA Breaches?
by
in SecurityNewsExperts Cast Nervous Eye on Musk and Team’s Handling of Health-Related Info. Privacy experts are keeping a nervous eye on the potential for compromises involving Americans’ health and personal information resulting from the White House’s Department of Government Efficiency – led by Elon Musk – accessing government IT systems containing Medicare and health related data.…
-
Ex-HIPAA Officer: State Illegally Shared PHI for Research
by
in SecurityNewsLawsuit Claims R.I. Health Information Exchange Retaliated Against ‘Whistleblower’. The former HIPAA compliance officer of Rhode Island’s state health information exchange is suing the organization in a federal lawsuit claiming that she was terminated from her job after blowing the whistle on the HIE’s alleged unlawful disclosures of patient information for research purposes. First seen…
-
What 2025 HIPAA Changes Mean to You
by
in SecurityNews
Tags: access, application-security, authentication, breach, business, cloud, compliance, control, cybersecurity, data, encryption, healthcare, HIPAA, identity, incident response, insurance, law, mfa, monitoring, nist, office, penetration-testing, privacy, risk, risk-analysis, service, strategy, threat, tool, vulnerabilityWhat 2025 HIPAA Changes Mean to You madhav Tue, 02/04/2025 – 04:49 Thales comprehensive Data Security Platform helps you be compliant with 2025 HIPAA changes. You are going about your normal day, following routine process at your healthcare organization, following the same business process you’ve followed for the last twelve years. You expect Personal Health…
-
HIPAA Cybersecurity Requirements and Best Practices
by
in SecurityNewsThe Health Insurance Portability and Accountability Act (HIPAA) mandates a stringent framework for protecting sensitive patient information. These standards form the foundation of cybersecurity measures within the healthcare sector, ensuring… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/
-
DeepSeek hit by cyberattack and outage amid breakthrough success
by
in SecurityNews
Tags: access, ai, apple, attack, ceo, china, compliance, control, cyberattack, cybersecurity, data, detection, encryption, finance, GDPR, google, group, HIPAA, infrastructure, malicious, nvidia, open-source, risk, saas, service, startup, technology, threat, tool, training, vulnerabilityChinese AI startup DeepSeek said it was hit by a cyberattack, prompting the company to restrict user registrations and manage website outages as demand for its AI assistant soared.According to the company’s status page, DeepSeek has been investigating the issue since late evening Beijing time on Monday.”Due to large-scale malicious attacks on DeepSeek’s services, registration…
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
by
in SecurityNews
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-managementThe US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
-
State and Federal Healthcare Cyber Regs to Watch in 2025
by
in SecurityNewsUnder the Trump administration, the proposed update to the HIPAA Security Rule – issued in the final weeks of the Biden administration – is likely to get trimmed but not totally cut, predicts regulatory attorney Sharon Klein of the law firm Blank Rome. What else should the health sector expect? First seen on govinfosecurity.com Jump…
-
Box-Checking or Behavior-Changing? Training That Matters
by
in SecurityNewsExploring New Ways to Deliver and Measure Cybersecurity Awareness Programs Regulations like GDPR, HIPAA and CMMC have made security awareness training a staple of corporate security programs. But compliance is only part of the story. Organizations face an even deeper challenge: influencing employee behavior in ways that create a truly secure workplace. First seen on…
-
15 States Sue HHS to Drop HIPAA Reproductive Health Info Reg
by
in SecurityNewsHHS’ Privacy Rule Update Limits Use, Disclosure of Reproductive Health PHI. A Biden administration HIPAA Privacy Rule that went into effect last June to restrict the disclosure of reproductive health information is being challenged in federal court by the attorneys general of 15 states. The AGs are asking a Tennessee federal court to overturn the…
-
Sen. Warren Fires Off 175 Questions to RFK Jr. on HHS, HIPAA
by
in SecurityNews
Tags: HIPAAElizabeth Warren Letter Probes Kennedy on His Plans if Confirmed as HHS Secretary. Senate confirmation hearings have not yet been set for President Donald Trump’s pick to lead the U.S. Department of Health and Human Services. But that hasn’t stopped at least one lawmaker from already firing off an extensive list of questions to Robert…
-
Sen. Warren Fires Off 175 Questions to RFK Jr on HHS, HIPAA
by
in SecurityNews
Tags: HIPAAElizabeth Warren Letter Probes Kennedy on His Plans if Confirmed as HHS Secretary. Senate confirmation hearings have not yet been set for President Donald Trump’s pick to lead the U.S. Department of Health and Human Services. But that hasn’t stopped at least one lawmaker from already firing off an extensive list of questions to Robert…
-
Enhancing Health Care Cybersecurity: Bridging HIPAA Gaps with Innovation
by
in SecurityNewsThe proposed HIPAA Security Rule introduces mandatory measures to prevent malicious cyberattacks in health care. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/health-care-cybersecurity-2025/
-
HHS Proposes Major Overhaul of HIPAA Security Rule in the Wake of Change Healthcare BreachÂ
by
in SecurityNewsThe new rules come in the wake of the Change Healthcare breach, which exposed the electronic personal health information of about 100 million Americans. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/hhs-proposes-major-overhaul-of-hipaa-security-rule-in-the-wake-of-change-healthcare-breach/