News & Analysis as of

Data Breach Ransomware Health Care Providers

BakerHostetler

It’s Spooky Season: HHS OCR Finalizes Two Investigations into Ransomware Incidents, Providing Nightmare Material for Acquiring...

BakerHostetler on

Before this year, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) resolved 70 breach investigations from which fines or civil monetary penalties were secured. Of those investigations, only...more

Robinson+Cole Data Privacy + Security Insider

Microsoft Report Highlights Attacks Against Healthcare Organizations

On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the...more

Health Care Compliance Association (HCCA)

2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’

Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more

Saul Ewing LLP

Medical Practice Agrees to Pay $250,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more

Robinson+Cole Data Privacy + Security Insider

OCR Settles Fourth Ransomware Investigation

The Office for Civil Rights of the Department of Health and Human Services (OCR) announced on September 26, 2024, that it had entered a settlement with Cascade Eye and Skin Centers (together, Cascade) for $250,000 following...more

Jackson Lewis P.C.

Key Takeaways for Healthcare Providers Following HHS OCR’s Most Recent Ransomware Investigation

Jackson Lewis P.C. on

Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more

Rivkin Radler LLP

OCR Announces Third Ransomware Settlement as Threats Continue to Rise

Rivkin Radler LLP on

On July 1, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced that Heritage Valley Health System, a provider in Pennsylvania, Ohio and West Virginia, agreed to pay $950,000 to resolve...more

Arnall Golden Gregory LLP

Healthcare Authority Newsletter - June 2024 #4

News Briefs - Survey Finds Decline in Telehealth Use Across Most Groups in 2022 - The percentage of adults who used telehealth in the past year dropped from 37 percent in 2021 to 30.1 percent in 2022, with declines observed...more

Benesch

Dialysis & Nephrology Digest - June 2024

Benesch on

KCP supports House bill to restore original intent of Medicare Secondary Payer Act - Kidney Care Partners (KCP) commends the 36 co-sponsors of the bill before the House, who come from both sides of the aisle and represent...more

Dentons

Ep. 19 - What to Do When Your Business Associate Suffers a Ransomware Attack

Dentons on

The healthcare industry remains a popular target for ransomware attacks. If you haven’t been impacted by a ransomware attack, it’s likely only a matter of time before someone you do business with or buy services from is...more

Sands Anderson PC

Ransomware Increasingly Targets Medical Providers

Sands Anderson PC on

Ransomware continues to make headlines in the data security world, and with good reason.  A report issued earlier this year by the Director of National Intelligence highlighted the continued surge in ransomware attacks in the...more

Tucker Arensberg, P.C.

Navigating HIPAA’s Breach Notification Rule Following A Breach

Tucker Arensberg, P.C. on

In light of the ongoing investigation of Change Healthcare’s ransomware attack that resulted in the improper disclosure of thousands of individuals’ PHI, now seems like a perfect time to discuss HIPAA’s requirements...more

Health Care Compliance Association (HCCA)

UHG’s Breach Response May Prove Enlightening for Others

Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more

Nelson Mullins Riley & Scarborough LLP

Managing the Impacts of the Change Healthcare Cyberattack

UnitedHealth Group (“UHC”) announced on April 22, 2024, that it had paid a ransom to protect patient data potentially acquired in a late February cyberattack on its subsidiary Change Healthcare (“CHC”). In its announcement,...more

Nelson Hardiman, LLP

Hacking and Healing: Nation-States, Cyber Attacks, and Healthcare Law

Nelson Hardiman, LLP on

Modern warfare is no longer restricted to physical battlefields and professional military. Countries like North Korea and Russia have few qualms about using cyberspace to reach well beyond their physical borders to target...more

Health Care Compliance Association (HCCA)

Hackers Increasingly Leveraging Threats to Patients to Pressure Health Organizations to Pay Ransom

Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more

Health Care Compliance Association (HCCA)

Privacy Briefs: April 2024

The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more

Woods Rogers

“Briefings on HIPAA: Cybersecurity in Healthcare,” HCPro

Woods Rogers on

Principal Liz Heddleston was recently interviewed by HCPro for a story published on April 8, 2024, discussing the rising threat of ransomware attacks for healthcare providers. The story highlights lessons learned from a...more

Epiq

Data Breaches up 72% From Record High: Cyber Incident Readiness Must be Top of Mind

Epiq on

“Protect your data! Breaches are on the rise!” These warnings seem to be everywhere – and rightfully so. Threat actors are sophisticated and new breach trends are constantly materializing. Awareness is no longer enough. It...more

Health Care Compliance Association (HCCA)

Privacy Briefs: March 2024

Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more

Saul Ewing LLP

HHS OCR Issues Its Most Recent HIPAA Annual Report and a Second Ransomware Settlement

Saul Ewing LLP on

On February 14, 2024, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) issued two reports to Congress as required by the Health Information Technology for Economic and Clinical Health...more

Dickinson Wright

How Did They Get My Protected Health Information?

Dickinson Wright on

It is no secret that protected health information (or “PHI”) is more and more at risk for cybersecurity attacks. In 2022 (the most recent year this statistic is available), the Department for Health and Human Services Office...more

Tucker Arensberg, P.C.

HHS Healthcare Sector Cybersecurity

Tucker Arensberg, P.C. on

The healthcare sector is particularly vulnerable to cybersecurity risks and the stakes for patient care and safety are particularly high. Healthcare facilities are attractive targets for cyber criminals in light of their...more

Manatt, Phelps & Phillips, LLP

[Webinar] Protecting Hospitals From Cyberattacks: New York’s Trailblazing Cybersecurity Requirements - January 30th, 1:00 pm -...

Hospitals, health systems and providers are targets of cyberattacks at an alarming rate, putting patient data, electronic infrastructure and, most importantly, patient lives at risk. The Department of Health and Human...more

Akerman LLP - Health Law Rx

OCR Will Focus on You if You Don’t Focus on Cybersecurity

With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more

167 Results
 / 
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide