Security news aggregator

Latest coverage for Healthcare

Stay updated with the latest healthcare cybersecurity trends, news, and tips to protect patient data and comply with medical industry security standards.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Healthcare is the delivery of clinical care and related services through hospitals, clinics, laboratories, pharmacies, insurers, and connected medical devices. It depends on electronic health records (EHRs), patient identity systems, diagnostic and imaging platforms, medication and scheduling systems, and data exchanges between organizations. These environments hold sensitive health and payment information, while the availability and integrity of systems can affect treatment, diagnostics, and patient safety.

Security concerns include unauthorized access or disclosure of records, alteration of clinical data, and disruption of care through attacks on EHRs, connected devices, or third-party services. Defenses require risk-based access controls, strong authentication, network separation where appropriate, secure device and software maintenance, backups that support clinical continuity, and tested downtime and incident-response procedures. Vulnerability management must account for legacy systems and devices that cannot be patched quickly. Privacy and compliance obligations, such as HIPAA in the United States, shape how organizations collect, use, share, retain, and report health information.

Showing 12 most recent headlines Filtered view
Bank Info Security 2 years, 2 months ago

FTC Finalizes Health Breach Notification Rule Update

Regs Now Cover Wearables and Health Apps, Extend to More Types of BreachesThe Federal Trade Commission has finalized changes to its Health Breach Notification Rule, expanding the type of technologies that apply to regulations pertaining to non-HIPAA-regulated entities. The rule has been on the books for about 15 years, but the agency only recently began to enforce it.

Bank Info Security 2 years, 2 months ago

State AGs, Industry Groups Urge Action in Change Health Saga

Calls for More Aid to Providers Come as Parent Company UHG Grapples With BreachTwenty-two state attorneys general and some industry groups are urging Change Healthcare's parent company and regulators to be transparent and give more financial aid to providers as the firm recovers from a highly disruptive cyberattack and the industry braces for massive breach notifications.

Bank Info Security 2 years, 2 months ago

Health Analytics Firm Reports Breach Affecting 1.1 Million

Data Stolen via Breach of Reliable Networks - BerryDunn's Managed Service ProviderA Maine consulting firm with a medical data analytics business must notify more than 1 million Americans that hackers stole their information from company servers. Which clients of Berry, Dunn, McNeil & Parker - and by extension, their customers - have been affected by the breach isn't clear.

Bank Info Security 2 years, 2 months ago

Kaiser Permanente Notifying 13.4 Million of Tracker Breach

Incident Involves Health Plans' Prior Use of Online Tech in Websites, Mobile AppsKaiser Foundation Health Plan has reported to regulators a health data breach affecting 13.4 million people stemming from the previous use of web trackers. Aside from reports expected from the Change Healthcare mega hack, the incident is the largest health data breach reported so far in 2024.

Bank Info Security 2 years, 2 months ago

Judge Advises Dismissal of CommonSpirit Breach Lawsuit

Proposed Class Action Claim Is Second Recent Case Tossed by Federal JudgesA second federal judge has recommended the dismissal of a second proposed class action lawsuit against Catholic hospital chain CommonSpirit over a 2022 cyberattack and data breach that affected nearly 624,000 people. Both judges said the plaintiffs failed to show how they were harmed by the breach.

Bank Info Security 2 years, 2 months ago

Breach Roundup: Cloud Error Reveals DPRK Sanctions Busting

Also: Hospitals Spend More on Cybersecurity; Critical Flaw in WordPressThis week, a cloud server error revealed sanction busting, Moody's said hospital cybersecurity spending is up, the U.S. restricted visas for commercial spyware operators, a ransomware attack hit a lab in Italy, hackers exploited a WordPress flaw, and Argentinian data is for sale on a criminal forum.

Bank Info Security 2 years, 2 months ago

Change Health Attack: Details Emerge; Breach Will Top Record

Experts Advise Health Sector to Take Steps as UnitedHealth Group Cleans Up MessUnitedHealth Group's admission that information for "a substantial portion" of the American population was compromised in its Change Healthcare cyberattack sets into motion the likelihood the incident will become the largest health data breach ever reported in U.S. What other details are emerging?

Bank Info Security 2 years, 2 months ago

UnitedHealth Group Previews Massive Change Healthcare Breach

Breach 'Could Cover a Substantial Proportion of People in America,' Company WarnsHackers who hit Change Healthcare stole sensitive personal and medical details that "could cover a substantial proportion of people in America," parent company UnitedHealth Group warned. The company faces mounting regulatory scrutiny and lawsuits due widespread disruptions caused by the attack.

Bank Info Security 2 years, 2 months ago

Feds Issue Guide for Change Health Breach Reporting Duties

HHS OCR Says the Company Has Not Yet Filed HIPAA Breach Reports to the AgencyThe Department of Health and Human Services has not yet received HIPAA breach reports from Change Healthcare or parent company UnitedHealth Group about their massive cyberattack. HHS is telling HIPAA-covered firms and their vendors to do their duty if a breach affects protected health information.

Bank Info Security 2 years, 2 months ago

HHS Beefs Up Privacy Protection for Reproductive Health Info

Finalizes HIPAA Privacy Rule Changes Involving PHI Related to Reproductive CareHealthcare providers are prohibited from disclosing protected health information related to lawful reproductive healthcare, according to a final rule released Monday by federal regulators. The new HIPAA rule is designed to protect women who cross state lines seeking an abortion, and their providers.

Bank Info Security 2 years, 2 months ago

7 Tips for Complying With Healthcare Fraud Regulations

Attorney Rachel Rose on Navigating the Intensifying Scrutiny of Federal RegulatorsThe federal government is cracking down on healthcare fraud in all forms including kickbacks, lapses in cybersecurity and privacy, lack of fairness in Medicare Advantage policies, and inflated pharmacy claims. Regulatory attorney Rachel Rose outlines seven key tips for meeting compliance mandates.