Tag: HIPAA
-
AI in Healthcare: Top Privacy, Cyber, Regulatory Concerns
Emerging artificial intelligence and machine learning technologies being applied in the health and wellness space that are not necessarily covered by HIPAA but instead fall under a variety of tough new state privacy laws that are being enacted, said attorney Lily Li of Metaverse Law. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/ai-in-healthcare-top-privacy-cyber-regulatory-concerns-i-5477
-
City of Long Beach Says at Least 260,000 Affected by Hack
HIPAA Protected Health Information Among Data Stolen in Nov. 2023 Attack. The City of Long Beach, Calif. is notifying nearly 260,000 individuals that their protected health information was potentially stolen in a November 2023 hack that also disrupted IT systems for several weeks. The city has added $1 million to its cybersecurity budget since the…
-
Guam Hospital Pays Feds $25K to Settle HIPAA Investigation
Case Resolves HHS OCR Scrutiny of Two Security Incidents. A Guam public hospital has agreed to pay federal regulators $25,000 and implement a corrective action plan to settle potential HIPAA violations – including a failure to conduct a comprehensive risk analysis – identified during an investigation into two security incidents. First seen on govinfosecurity.com Jump…
-
Industry Asks for Clarity on Proposed HIPAA Cybersecurity Rules
Healthcare and IT security practitioners worry that some of the proposed amendments are not practical for a sector that lacks resources and often uses legacy equipment. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/industry-asks-clarity-proposed-hipaa-rules
-
HSCC Urges White House to Shift Gears on Health Cyber Regs
The Health Sector Coordinating Council is urging the Trump administration to drop work on a proposed HIPAA security rule update and instead engage in a collaborative dialogue with healthcare sector leaders to create alternative cyber requirements, said Greg Garcia, executive director of HSCC. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/hscc-urges-white-house-to-shift-gears-on-health-cyber-regs-i-5472
-
RFK Jr. Cuts at HHS Affect HIPAA, Cyber Response Units
HHS Laying Off 10,000 More People, Consolidating Divisions, Shifting Priorities. The U.S. Department of Health and Human Services announced a major restructuring and workforce reductions on Thursday. The changes disclosed so far include reshuffling units of HHS involved in healthcare sector cybersecurity response activities and HIPAA regulatory work. First seen on govinfosecurity.com Jump to article:…
-
Fitness Firm Pays Feds $228K in Misconfiguration Breach
Settlement Is 5th HIPAA Enforcement Action Under HHS’s OCR Risk Analysis Initiative. An Illinois-based firm that provides fitness and wellness plans to clients throughout the U.S. has agreed to pay federal regulators a settlement of nearly $228,000 and implement a corrective action plan following an IT misconfiguration incident caused several breaches in late 2018 and…
-
HHS OCR Launches New Round of HIPAA Compliance Audits
Audits Focus on HIPAA Security Rule Provisions Related to Ransomware, Hacking. Federal regulators have quietly resumed compliance audits of HIPAA-regulated organizations. With the surge in ransomware and other hacks reported in recent years, the focus of the audits are on provisions of the HIPAA security rule most relevant to these attacks, said a government official.…
-
Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers
Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security…
-
HHS Investigators Get New Mission Under Trump: Root Out DEI
Stretched Agency Must Balance HIPAA Enforcement With Policing DEI in Healthcare. HHS investigators charged with protecting the civil rights and privacy of patients are now assigned to finding and stamping out diversity, equity and inclusion programs at universities and hospitals, with DEI now deemed discriminatory under the Trump administration. First seen on govinfosecurity.com Jump to…
-
Mangelhafte Cybersicherheit im Gesundheitswesen
Tags: access, ai, chatgpt, compliance, cyberattack, cyersecurity, data, endpoint, exploit, HIPAA, insurance, ransomware, resilience, risk, service, usa, vpn, vulnerability, vulnerability-management, windows15 Prozent der Endgeräte im Gesundheitssektor haben keine oder nicht-übereinstimmente Sicherheits- und Risikokontrollen.Laut dem aktuellen Horizon Report 2025 wurden im Jahr 2024 weltweit 183 Millionen Patientendaten kompromittiert. Das ist ein Anstieg von neun Prozent im Vergleich zum Vorjahr. Doch weshalb fällt es für Gesundheitseinrichtungen so schwer, sich ausreichend vor Ransomware-Angriffen zu schützen?Um das herauszufinden, hat…
-
Proactive Security: Navigating HIPAA’s Proposed Risk Analysis Updates
NOTE: This article discusses proposed changes to existing regulations. These changes are not in effect as of this article’s date… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/proactive-security-navigating-hipaas-proposed-risk-analysis-updates/
-
SIEM-Kaufratgeber
Tags: access, ai, api, business, cloud, compliance, container, cyberattack, data, detection, DSGVO, encryption, framework, HIPAA, infrastructure, least-privilege, mail, microsoft, mitre, ml, monitoring, open-source, saas, service, siem, skills, soar, software, threat, toolDie kontextuellen Daten, die SIEM-Lösungen liefern, sind eine grundlegende Komponente moderner Security-Stacks.Protokoll-Daten zu auditieren, zu überprüfen und zu managen, ist alles andere als eine glamouröse Aufgabe aber ein entscheidender Aspekt, um ein sicheres Unternehmensnetzwerk aufzubauen. Schließlich schaffen Event Logs oft eine sekundäre Angriffsfläche für Cyberkriminelle, die damit ihre Aktivitäten verschleiern wollen.Vorgängen wie diesen treten Netzwerksicherheitsexperten…
-
Groups Call for Trump to Rescind Proposed HIPAA Rule Update
Health Industry Associations Complain That Proposed Cyber Mandates Are ‘Staggering’. Seven major healthcare industry groups are urging the Trump administration to rescind a proposed update to the HIPAA security rule issued at the end of the Biden administration. The costs and regulatory burden to comply would be staggering to the healthcare sector, they said. First…
-
Die besten DAST- & SAST-Tools
Tags: access, ai, api, application-security, authentication, awareness, cloud, cyberattack, cybersecurity, docker, framework, HIPAA, injection, PCI, rat, risk, risk-management, service, software, sql, supply-chain, tool, vulnerability, vulnerability-managementTools für Dynamic und Static Application Security Testing helfen Entwicklern, ihren Quellcode zu härten. Wir zeigen Ihnen die besten Tools zu diesem Zweck.Die Softwarelieferkette respektive ihre Schwachstellen haben in den vergangenen Jahren für viel Wirbel gesorgt. Ein besonders schlagzeilenträchtiges Beispiel ist der Angriff auf den IT-Dienstleister SolarWinds, bei dem mehr als 18.000 Kundenunternehmen betroffen waren.…
-
Will DOGE Access to CMS Data Lead to HIPAA Breaches?
Experts Cast Nervous Eye on Musk and Team’s Handling of Health-Related Info. Privacy experts are keeping a nervous eye on the potential for compromises involving Americans’ health and personal information resulting from the White House’s Department of Government Efficiency – led by Elon Musk – accessing government IT systems containing Medicare and health related data.…
-
Ex-HIPAA Officer: State Illegally Shared PHI for Research
Lawsuit Claims R.I. Health Information Exchange Retaliated Against ‘Whistleblower’. The former HIPAA compliance officer of Rhode Island’s state health information exchange is suing the organization in a federal lawsuit claiming that she was terminated from her job after blowing the whistle on the HIE’s alleged unlawful disclosures of patient information for research purposes. First seen…
-
What 2025 HIPAA Changes Mean to You
Tags: access, application-security, authentication, breach, business, cloud, compliance, control, cybersecurity, data, encryption, healthcare, HIPAA, identity, incident response, insurance, law, mfa, monitoring, nist, office, penetration-testing, privacy, risk, risk-analysis, service, strategy, threat, tool, vulnerabilityWhat 2025 HIPAA Changes Mean to You madhav Tue, 02/04/2025 – 04:49 Thales comprehensive Data Security Platform helps you be compliant with 2025 HIPAA changes. You are going about your normal day, following routine process at your healthcare organization, following the same business process you’ve followed for the last twelve years. You expect Personal Health…
-
HIPAA Cybersecurity Requirements and Best Practices
The Health Insurance Portability and Accountability Act (HIPAA) mandates a stringent framework for protecting sensitive patient information. These standards form the foundation of cybersecurity measures within the healthcare sector, ensuring… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/hipaa-cybersecurity-requirements-and-best-practices/
-
DeepSeek hit by cyberattack and outage amid breakthrough success
Tags: access, ai, apple, attack, ceo, china, compliance, control, cyberattack, cybersecurity, data, detection, encryption, finance, GDPR, google, group, HIPAA, infrastructure, malicious, nvidia, open-source, risk, saas, service, startup, technology, threat, tool, training, vulnerabilityChinese AI startup DeepSeek said it was hit by a cyberattack, prompting the company to restrict user registrations and manage website outages as demand for its AI assistant soared.According to the company’s status page, DeepSeek has been investigating the issue since late evening Beijing time on Monday.”Due to large-scale malicious attacks on DeepSeek’s services, registration…
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-managementThe US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
-
State and Federal Healthcare Cyber Regs to Watch in 2025
Under the Trump administration, the proposed update to the HIPAA Security Rule – issued in the final weeks of the Biden administration – is likely to get trimmed but not totally cut, predicts regulatory attorney Sharon Klein of the law firm Blank Rome. What else should the health sector expect? First seen on govinfosecurity.com Jump…
-
Box-Checking or Behavior-Changing? Training That Matters
Exploring New Ways to Deliver and Measure Cybersecurity Awareness Programs Regulations like GDPR, HIPAA and CMMC have made security awareness training a staple of corporate security programs. But compliance is only part of the story. Organizations face an even deeper challenge: influencing employee behavior in ways that create a truly secure workplace. First seen on…
-
15 States Sue HHS to Drop HIPAA Reproductive Health Info Reg
HHS’ Privacy Rule Update Limits Use, Disclosure of Reproductive Health PHI. A Biden administration HIPAA Privacy Rule that went into effect last June to restrict the disclosure of reproductive health information is being challenged in federal court by the attorneys general of 15 states. The AGs are asking a Tennessee federal court to overturn the…