HIPAA Journal

JANUARY 3, 2023

Ransomware attacks continue to be conducted on healthcare organizations in high numbers but determining the extent to which healthcare organizations are being targeted by ransomware gangs is a challenge. The decision whether or not to encrypt appears to be taken on an attack-by-attack basis.

Ransomware 106

Ransomware Hospitals HIPAA Governance 106

HIPAA Journal

MARCH 16, 2023

The Health Sector Cybersecurity Coordination Center (HC3) has shared threat intelligence information about the Black Basta ransomware group to help network defenders prevent and rapidly detect attacks in progress. The Black Basta group was first identified in April 2022 and is known to conduct ransomware and extortion attacks.

Ransomware 93

Ransomware HIPAA Governance 93

HIT Consultant

DECEMBER 20, 2023

Cam Roberson, VP at Beachhead Solutions Healthcare delivery organizations and those working with them that are still in business are either well aware of their duties under HIPAA, work with managed service providers that understand the law well, or…are lucky to have made it this far. The recent bill H.R.7898

HIPAA 105

HIPAA Ransomware Governance 105

HIPAA Journal

JULY 31, 2023

a government services contracting company, has announced in a Securities and Exchange Commission (SEC) filing that hackers exploited a zero-day vulnerability in Progress Software’s MOVEit Transfer solution in May 2023 and accessed the protected health information (PHI) of between 8 and 11 million individuals.

Governance 71

Governance Medicare Medicare Ransomware 71

HIPAA Journal

FEBRUARY 14, 2022

A joint security advisory has been issued by cybersecurity agencies in the United States, United Kingdom, and Australia, warning about the increased globalized threat of ransomware attacks and the elevated risk of targeted attacks on critical infrastructure entities. 2021 Ransomware Attack Trends. 2021 Ransomware Attack Trends.

Ransomware 121

Ransomware Governance HIPAA Public Health 121

HIPAA Journal

JUNE 15, 2023

This joint advisory on LockBit is another example of effective collaboration with our partners to provide timely and actionable resources to help all organizations understand and defend against this ransomware activity,” said CISA Executive Assistant Director for Cybersecurity, Eric Goldstein. “As

Ransomware 78

Ransomware HIPAA Governance 78

HIPAA Journal

MARCH 24, 2022

The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released its 2021 Internet Crime Report , which reveals there were at least 649 ransomware attacks on critical infrastructure organizations from June 2021 to December 2021. Losses to ransomware are difficult to determine.

Ransomware 120

Ransomware Public Health Fraud HIPAA 120

HIPAA Journal

SEPTEMBER 13, 2022

Over the Labor Day weekend, Oakbend Medical Center in Richmond, TX, suffered a ransomware attack. The group has threatened to release all of the stolen files, which are claimed to include the protected health information of more than 1 million patients. Some of the stolen data has been uploaded to the group’s data leak site.

Ransomware 81

Ransomware HIPAA Doctors Governance 81

HIPAA Journal

APRIL 12, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has recently published a fact sheet on cyber threat information sharing to guide organizations reporting cyber incidents, which will help the agency mitigate current and emerging cybersecurity threats to U.S. critical infrastructure. cybersecurity.

Ransomware 111

Ransomware HIPAA Governance 111

HIPAA Journal

JUNE 8, 2023

a provider of call center and customer experience software technology to large enterprises, has recently confirmed that it fell victim to a ransomware attack on a limited portion of its network. The post Alvaria Confirms November 2022 Hive Ransomware Attack appeared first on HIPAA Journal. (formerly Aspect Software, Inc.),

Ransomware 52

Ransomware Fraud HIPAA Health Insurance 52

HIPAA Journal

SEPTEMBER 13, 2023

The indictments of multiple members of the TrickBot/Conti Ransomware groups have recently been unsealed and 11 members of these cybercriminal operations have been sanctioned by the United States and the United Kingdom. government and other U.S. targets in line with the objectives of the Russian intelligence services.

Ransomware 82

Ransomware Governance HIPAA Hospitals 82

HIPAA Journal

FEBRUARY 21, 2023

Lehigh Valley Health Network (LVHN) in Pennsylvania has confirmed that it is dealing with a ransomware attack that was detected on February 6, 2023. An announcement was made on Monday confirming the Russian-speaking ransomware gang, BlackCat, was behind the attack and demanded a ransom, but no payment was made.

Ransomware 73

Ransomware HIPAA Health Insurance Governance 73

HIT Consultant

MARCH 20, 2022

If ransomware is not a topic of conversation around any healthcare organization’s boardroom table, directors and senior executives may be exposing the organization (and themselves) to considerable risk. Here’s a guide to ransomware trends for 2022 and steps healthcare leaders can take to help protect their organizations.

Ransomware 98

Ransomware HIPAA Governance Hospitals 98

HIPAA Journal

APRIL 28, 2022

Irvine, CA-based Smile Brands, a provider of support services for dental offices, has recently provided an update on the number of individuals affected by a ransomware attack that was discovered on April 24, 2021. The post Up to 2,592,494 individuals Affected by Smile Brands Ransomware Attack appeared first on HIPAA Journal.

Ransomware 106

Ransomware Health Insurance HIPAA Licensing 106

HIPAA Journal

JANUARY 30, 2023

The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching.

US Department of Health and Human Services 81

US Department of Health and Human Services HIPAA Compliance Medicaid 81

HIPAA Journal

AUGUST 16, 2022

In August 2021, the Vice Society ransomware operation published data on its data leak site that had allegedly been obtained in a ransomware attack on United Health Centers of San Joaquin Valley. HIPAA Journal reported on the incident in September 2021. A comprehensive review of the affected data was completed on April 11, 2022.

Ransomware 96

Ransomware HIPAA Licensing Governance 96

Healthcare It News

MAY 2, 2024

UnitedHealth Group CEO Andrew Witty testified on May 1 before both the House and Senate about the seismic February 21 cyberattack of UHG subsidiary Change Healthcare, which was infiltrated by the ALPHV ransomware gang. The particular ransomware attack made prime and backups inoperable.

US Department of Health and Human Services 266

US Department of Health and Human Services HIPAA Ransomware Governance 266

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud 94

Fraud Health Insurance Ransomware HIPAA 94

HIPAA Journal

JUNE 25, 2023

Paubox is HIPAA compliant and as an email encryption solution supports HIPAA compliance and can be used by Covered Entities and Business Associates to communicate Protected Health Information in emails without violating the standards of the HIPAA Privacy or Security Rules. What are the HIPAA Email Requirements?

HIPAA 52

HIPAA Compliance Compliance Officers Ransomware 52

HIPAA Journal

FEBRUARY 8, 2024

A new report from Chainalysis has revealed victims of ransomware attacks paid hackers $1.1 billion in 2023 to obtain the keys to unlock their data and to prevent the release of information stolen in the attacks. The researchers believe this anomaly is linked to the Russia-Ukraine war.

Ransomware 83

Ransomware HIPAA Governance Hospitals 83

AIHC

MARCH 12, 2024

Written by the AIHC Education Department This article provides an overview of how the media and government are reacting to the potential of artificial intelligence (AI) and potential threats associated with this advanced technology. A Government-Commissioned Report Released February 2024 The U.S.

Ransomware 59

Ransomware Governance Compliance HIPAA 59

AIHC

MARCH 12, 2024

Written by the AIHC Education Department This article provides an overview of how the media and government are reacting to the potential of artificial intelligence (AI) and potential threats associated with this advanced technology. A Government-Commissioned Report Released February 2024 The U.S.

Ransomware 52

Ransomware Governance Compliance HIPAA 52

Healthcare It News

JULY 31, 2023

Data privacy is about more than keeping personal information safe and secure, says Dr. Eric Liederman, Kaiser Permanente's director of medical informatics – it's an essential component for establishing trust with patients that healthcare organizations take personal safety seriously.

Ransomware 196

Ransomware Health Insurance HIPAA Governance 196

Healthcare It News

SEPTEMBER 21, 2023

Eric Liederman, director of medical informatics for the Kaiser Permanente Medical Group, says good communications with patients about cybersecurity protection is essential – even as risks to protected health information are on the rise, from external bad actors and insider threats. "What's going on?

Governance 250

Governance HIPAA Ransomware Licensing 250

Compliancy Group

MAY 6, 2022

It’s sometimes hard to believe that the acronym GRC (Governance, Risk, Compliance) has been around for less than 20 years. HIPAA and GRC go hand in hand for companies operating in the healthcare sector. HIPAA & GRC – A Brief History. Let’s Simplify Compliance Do you need help with HIPAA? Learn More! ×

HIPAA 52

HIPAA Compliance Governance Ransomware 52

HIPAA Journal

SEPTEMBER 8, 2022

The Michigan law firm, Warner Norcross and Judd LLP, has issued notification letters to 255,160 individuals advising them about an October 2021 security breach in which files containing their personal and protected health information were potentially accessed and exfiltrated from its systems. The breach was detected on October 22, 2021.

Fraud 69

Fraud Health Insurance Ransomware HIPAA 69

HIPAA Journal

AUGUST 31, 2022

The group operates out of Russia and has been operational since at least 2009 and is responsible for the infamous Dridex banking Trojan and several other ransomware and malware variants, including BitPaymer, Hades, Phoenixlocker, WastedLocker, SocGholish, GameOver Zeus, and JabberZeus.

Ransomware 117

Ransomware Fraud Governance Public Health 117

HIPAA Journal

NOVEMBER 29, 2022

HIPAA Journal is conducting interviews with healthcare professionals and service providers to find out more about their compliance journeys, how the HIPAA Rules have affected their working lives, and the successes and challenges they have faced with HIPAA compliance. Director, HIPAA Security & Regulatory Compliance, PPFA.

Regulatory Compliance 55

Regulatory Compliance HIPAA Compliance Federal Policy 55

AIHC

APRIL 10, 2024

Checklist for Individual & Small Group Practices Written by: Nancie Lee Cummins, CFE, CHA, CIFHA, OHCC, CHCM, CHCO, CORCM This article provides an overview of Health Information Technology for Economic and Clinical Health Act (HITECH) and basic checklist of policies and procedures for compliance of smaller health care organizations.

Compliance 99

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records 99

HIPAA Journal

AUGUST 4, 2023

Ransomware and information stealing malware were highly prevalent. The RedLine information stealer and the Amadey bot were regularly blocked threats. Amadey has information stealing capabilities and is often used to perform reconnaissance before downloading additional malicious payloads.

Ransomware 79

Ransomware Governance HIPAA 79

Compliancy Group

APRIL 29, 2022

One of the trendy marketing terms being used by equipment and service providers in the security space is “HIPAA Compliant Environment.” All of these tools are very useful to ensure privacy and security in the use, storage, and transmission of protected health information (PHI). People send billing information to the wrong patient.

HIPAA 52

HIPAA Compliance Due Diligence Ransomware 52

HIT Consultant

AUGUST 9, 2023

Mike Hamilton, Founder and CISO of Critical Insight To stop ransomware terrorists from locking up our Nation’s hospitals, the Federal Government is pushing patient-focused entities to align with a standard. Two years ago, the Colonial Pipeline fell victim to a ransomware attack. Negative publicity matters, significantly.

US Department of Health and Human Services 98

US Department of Health and Human Services Hospitals Ransomware Governance 98

HIPAA Journal

FEBRUARY 8, 2024

Azura Vascular Care, a Pennsylvania-based operator of 70 outpatient vascular centers and ambulatory surgery centers in 25 states and Puerto Rico, notified the HHS’ Office for Civil Rights last month about a cybersecurity incident involving the protected health information of 348,000 patients. The incident was detected on November 9, 2023.

Ransomware 79

Ransomware Electronic Medical Records Licensing Health Insurance 79

HIPAA Journal

MAY 26, 2023

An updated version of the StopRansomware Guide has been published that includes further recommendations on actions that can be taken to reduce the risk of ransomware attacks. The post CISA & Partners Release Updated StopRansomware Guide appeared first on HIPAA Journal. The StopRansomware Guide is divided into two parts.

Ransomware 55

Ransomware HIPAA Governance 55

Healthcare IT Today

SEPTEMBER 15, 2023

The following is a guest article by Steven Stone, Head of Rubrik Zero Labs at Rubrik In early August, a ransomware attack disrupted operations across its network of 17 hospitals and more than 165 clinics in four states and forced some to rely on paper records. Put simply, ransomware attackers can apply more psychological pressure and impacts.

Ransomware 90

Ransomware Regulatory Compliance Compliance Regulations Compliance 90

HIPAA Journal

FEBRUARY 21, 2022

EHRs usually contain all the information required for multiple types of fraud, including names, addresses, dates of birth, Social Security numbers, other government and state ID numbers, health data, and health insurance information. No other records provide such a wide range of information.

Ransomware 124

Ransomware Fraud HIPAA Health Insurance 124

Healthcare IT Today

OCTOBER 4, 2023

In 2022, as cyberattacks globally rose by 38% year-on-year, healthcare became the third-most-attacked industry (behind government and education), recording an increase of 74% and reporting up to 1,463 incidents per week. Since 2018, ransomware attacks on healthcare organizations alone have cost the global economy $92 billion in downtime.

Ransomware 105

Ransomware Electronic Medical Records Telemedicine HIPAA 105