article thumbnail

Strengthening Cybersecurity Preparedness for Small Organizations: Lessons from the Change Healthcare Ransomware Attack

HIT Consultant

UnitedHealth Group’s technology unit, Change Healthcare, is currently facing an ongoing ransomware attack which has reverberated through healthcare systems and affected prescription deliveries. Phishing attacks, a common vector for ransomware infections, often exploit human vulnerabilities through deceptive emails and other communications.

article thumbnail

Ransomware Attack Leads to Another OCR Settlement

Compliancy Group

The HHS settlement, resulting from an investigation into a 2019 ransomware attack, requires the behavioral health provider to pay $40,000, implement a corrective action plan, and submit to three years of OCR monitoring. In October 2023, HHS settled its first ransomware investigation with a business associate for $100,000.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Action Taken Against CHS: Multistate HIPAA Settlement Following C10P Ransomware Attack

Compliancy Group

One such case is the Community Health Systems (CHS) C10P Ransomware attack, which affected millions of patients and resulted in a multistate HIPAA settlement. ​​No No one is protected from HIPAA violation double jeopardy. What is Ransomware? Become HIPAA Compliant × Get HIPAA Compliant! Find Out More!

article thumbnail

New HIPAA Security Rule and Enforcement Coming in 2024

Healthcare IT Today

Department of Health and Human Services (HHS) said it will update the HIPAA Security Rule in 2024 and will ask Congress for new laws and resources to increase civil money penalties for HIPAA violations, increase HIPAA enforcement, and conduct proactive audits.

HIPAA 110
article thumbnail

Feds Launches Investigation of Change Healthcare Cybersecurity Attack

HIT Consultant

Investigation Focuses on HIPAA Compliance The OCR enforces the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules. However, the agency reminds them of their obligations under HIPAA, including: Maintaining valid business associate agreements with Change Healthcare.

article thumbnail

How Long Does HIPAA Training Take?

HIPAA Journal

The duration of HIPAA training varies depending on the specific needs and roles of the individuals being trained, but for healthcare staff undergoing annual HIPAA refresher training, it typically takes about 90 minutes to complete. A typical HIPAA training course covers essential topics to ensure compliance with HIPAA regulations.

HIPAA 59
article thumbnail

Recent HHS Settlement Underscores the Importance Compliance Plays in Cybersecurity

Healthcare IT Today

The following is a guest article by Dotty Bollinger, JD, Healthcare Compliance Consultant, Compliancy Group The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reached a settlement with Doctors’ Management Services after the healthcare vendor succumbed to a ransomware attack.