On January 6, 2025, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a “Notice of Proposed Rulemaking,” HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Protected...more
On June 27, 2023, the U.S. Department of Health and Human Services (“HHS”), Office of Inspector General (“OIG”) posted on its website a final rule implementing its civil money penalty (“CMPs”) authority and providing a...more
The continued proliferation of tracking technologies has created a landscape of increased exposure for entities serving individuals online. As individuals are increasingly interacting with healthcare services providers...more
“Side-Channel” attacks generally refer to a type of criminal cyber attacker activity that exploits vulnerabilities so that the attacker can collect and analyze “leakage” of data from a device, as a means to identify certain...more
12/15/2022
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Information Technology ,
NIST ,
Risk Management ,
Vulnerability Assessments
The Federal Government continues ramping up enforcement of data security requirements by deploying significant new enforcement theories and tools in support of cyber and data security controls required by federal law....more
3/22/2022
/ CafePress ,
Consumer Information ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
False Claims Act (FCA) ,
Federal Contractors ,
Federal Trade Commission (FTC) ,
Popular ,
Regulatory Violations ,
Security Standards ,
Settlement Agreements ,
Whistleblowers
The CISA, FBI and HHS have issued an alert (https://us-cert.cisa.gov/ncas/alerts/aa20-302a) regarding an imminent threat to hospitals and health care providers. Federal agencies have credible information to suggest that a...more
10/30/2020
/ Cyber Attacks ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
FBI ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Malware ,
Risk Management ,
Vulnerability Assessments
In December 2018, twelve state Attorneys General ("AGs") jointly filed suit against Medical Informatics Engineering, Inc. (“MIE”) claiming it violated the Health Insurance Portability and Accountability Act and its related...more
2/8/2019
/ Data Breach ,
Electronic Medical Records ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
Personally Identifiable Information ,
Regulatory Violations ,
Risk Management ,
Security Rule