Health Care Compliance Brief

Webinar Next Week: 12/14/2022: Solving HIPAA Compliance (Software Demonstration)

HIPAA Journal

DECEMBER 7, 2022

Achieving and maintaining compliance with the Privacy, Security, Breach Notification, and Omnibus Rules of the Health Insurance Portability and Accountability Act (HIPAA) can be a challenge for HIPAA-regulated entities. The software solution saves clients time and eliminates all the guesswork associated with the implementation process.

Compliance

Compliance HIPAA Health Insurance

SysAid Zero-Day Vulnerability Exploited to Deploy Clop Ransomware

HIPAA Journal

NOVEMBER 13, 2023

A zero-day vulnerability in the SysAid IT service management solution is being exploited by the Lace Tempest (aka FIN11, DEV-0950, TA505) threat group to gain access to SysAid servers, steal data, and deploy Clop ransomware. In one attack, a Cobalt Strike listener was deployed on compromised hosts.

Ransomware

Ransomware HIPAA

HPH Sector Urged to Make FIN11 Threat Group a Priority for Security Teams

HIPAA Journal

JUNE 14, 2023

Recent attacks include the exploitation of zero day vulnerabilities in file transfer solutions to gain access to sensitive data, which is stolen and threatened to be released if a ransom is not paid. The post HPH Sector Urged to Make FIN11 Threat Group a Priority for Security Teams appeared first on HIPAA Journal.

Ransomware

Ransomware COVID-19 HIPAA Public Health

Lawsuit Filed Against Conifer & Tenet Healthcare Over Email Account Breach

HIPAA Journal

APRIL 18, 2023

The lawsuit names Conifer Value-Based Care, Conifer Health Solutions, Conifer Revenue Cycle Solutions, and Tenet Healthcare Corporation as defendants. The lawsuit was filed in response to a breach of a Microsoft 365-hosted business email account that was detected on April 14, 2022.

HIPAA

HIPAA Fraud Licensing Health Insurance

How to Ensure HIPAA Compliance While Storing PHI on the Cloud

Total HIPAA

NOVEMBER 15, 2021

The cloud provides a safe platform for businesses to host some or all of their computer infrastructure. Making use of cloud hosting companies’ cutting-edge technologies may offer greater security than an on-premises solution. HIPAA Regulations: What Do They Require? HIPAA Regulations: What Do They Require?

HIPAA

HIPAA Compliance US Department of Health and Human Services

Preserving Patient Confidentiality: Prioritizing Security in Healthcare Facilities

Total HIPAA

JULY 12, 2023

Iceberg Cyber specializes in network security solutions, including vulnerability scanning, to identify and mitigate potential risks. In line with our commitment to providing valuable insights, we are excited to announce that we will be hosting a webinar on July 19th at 2:00pm featuring the founder of Iceberg Cyber.

HIPAA

HIPAA Doctors Compliance Hospitals

How to Maintain HIPAA Compliance in Public Cloud Environments

Total HIPAA

SEPTEMBER 13, 2021

The benefits of public cloud computing solutions make them very attractive to all types of businesses. In this article, we are going to discuss the factors and characteristics of public cloud solutions that are important for companies operating in the healthcare field in the United States. HIPAA compliance and cloud computing.

HIPAA

HIPAA Compliance Regulatory Compliance Ransomware

Warning Issued About Access:7 Vulnerabilities Affecting IoT and Medical Devices

HIPAA Journal

MARCH 9, 2022

PTC Axeda and Axeda Desktop Server are remote asset connectivity software solutions that are used as part of a cloud-based IoT platform. The vulnerabilities also affect a range of other devices such as ATMs, IoT gateways, label printers, SCADA systems, barcode scanners, vending machines, and asset monitoring and tracking solutions.

HIPAA

How to Overcome HIPAA Myths to Enhance the Protection of Healthcare Data

Healthcare IT Today

FEBRUARY 22, 2023

It’s safe to assume that securing protected healthcare information (PHI) would be a top priority for healthcare IT and security professionals, even if HIPAA didn’t require it. In the healthcare industry, HIPAA provides an additional layer of risk management complexity. That offshore support can still be HIPAA compliant.

HIPAA

HIPAA US Department of Health and Human Services Hospitals Compliance

Third-party data breach round-up: mscripts, Diligent, Mailchimp

Healthcare It News

JANUARY 30, 2023

Medication adherence platform mscripts breached On January 17, the cloud-based mobile pharmacy platform that focuses on patient engagement and medication adherence solutions, mscripts, reported to the U.S. As a result, HC3 warned healthcare organizations of phishing campaigns leveraged by the email marketing platform.

Electronic Medical Records

Electronic Medical Records HIPAA Doctors

HC3 Warns of Threat of Unauthorized Remote Access via ScreenConnect Tool

HIPAA Journal

JANUARY 23, 2024

According to a sector alert from the Health Sector Cybersecurity Coordination Center (HC3), between October 28 and November 8, 2023, an unknown threat actor abused a locally hosted ScreenConnect instance to gain remote access to victims’ networks. The company makes Rx30 and ComputerRx software that is used by pharmacies in all 50 states.

HIPAA

HIPAA Public Health

Unsecured Database Exposed 16,000+ Children’s Records

HIPAA Journal

NOVEMBER 29, 2022

Tridas Group is the developer of Tridas eWriter, a web-based software solution that allows parents and teachers to rapidly complete interviews to facilitate the diagnosis and management of children with developmental and behavioral issues. The post Unsecured Database Exposed 16,000+ Children’s Records appeared first on HIPAA Journal.

Ransomware

Ransomware HIPAA Health Insurance

OCR Settles HIPAA Investigation with Business Associate

Compliancy Group

MAY 16, 2023

Due to a July 2018 incident, the Office for Civil Rights (OCR) investigated MedEvolve to determine if the business associate was HIPAA compliant. A $350,000 HIPAA fine for potentially violating several provisions of the HIPAA Privacy and Security Rules. Get Started × Get HIPAA Compliant! The result? Find Out More!

HIPAA

HIPAA Compliance

Hive Ransomware Operation Disrupted as FBI Seizes the Gang’s Infrastructure

HIPAA Journal

JANUARY 27, 2023

The FBI gained access to two dedicated servers and one virtual server hosted by a Californian hosting provider, which were being leased by the gang, and law enforcement in the Netherlands assisted with the seizure of two backup servers hosted in the country. Actions like this add friction to ransomware operations.

Ransomware

Ransomware HIPAA Hospitals

How athenaTelehealth boosted one hospital's patient and provider satisfaction

Healthcare IT News - Telehealth

MAY 26, 2021

In early 2020, when the pandemic changed the medical center's in-person workflows overnight, the facility needed a quick and easy-to-use telehealth solution that allowed staff to continue to see established patients during lockdowns. The ability to host multiple people in the same visit. THE PROBLEM. " PROPOSAL.

Hospitals

Hospitals HIPAA Telemedicine COVID-19

2023 HIPAA Year-End Wrap-Up: HHS Issued $4 Million in Fines, Breaches Affected 109M Patients

Compliancy Group

JANUARY 2, 2024

The Department of Health and Human Services (HHS) Office for Civil Rights settled thirteen cases with healthcare organizations for potential HIPAA violations. 2023 OCR Fines: Who and Why In 2023, the HHS OCR settled cases with eight covered entities and four business associates for potential HIPAA violations.

HIPAA

HIPAA Ransomware Compliance Hospitals

HSCC Issues Guidance for Healthcare Organizations on Managing Legacy Technology Security

HIPAA Journal

MARCH 15, 2023

Technologies include FDA-regulated devices, non-FDA-regulated devices, laboratory equipment, building and facilities technology, and a host of other technologies. The post HSCC Issues Guidance for Healthcare Organizations on Managing Legacy Technology Security appeared first on HIPAA Journal.

FDA

FDA Governance HIPAA Public Health

Hackers Increasingly Targeting Cloud Apps for Distributing Malware

HIPAA Journal

APRIL 7, 2023

Historically, malicious actors have relived on email and malicious URLs for malware delivery and security solutions have been developed to protect against these attack vectors. The post Hackers Increasingly Targeting Cloud Apps for Distributing Malware appeared first on HIPAA Journal.

HIPAA

OSHA and HIPAA Training for Medical Offices: Ensuring Compliance in the Digital Age

Compliancy Group

OCTOBER 16, 2023

Two important aspects to focus on are OSHA and HIPAA training for medical offices, and exploring how online training options can streamline this process. Implementing OSHA training in medical offices comes with a host of benefits. Close Why is HIPAA Training Crucial for Medical Offices? Something is wrong with your submission.

HIPAA

HIPAA Compliance Nurses Doctors

What to Look For With HIPAA Certified Cloud Services

Compliancy Group

JULY 6, 2022

Many companies who need to be HIPAA compliant are looking for scalable options to meet their growing IT infrastructure needs. Cloud-based solutions offer greater flexibility than traditional in-office solutions, but what do you need to consider before trusting cloud HIPAA compliance? Compliancy Group can help!

HIPAA

HIPAA Compliance Doctors Hospitals

Five Key Takeaways from Our July Webinar

Total HIPAA

AUGUST 8, 2022

We recently hosted a webinar, “Annual HIPAA Requirements and Security Standards,” in which we discussed annual HIPAA requirements, document review, and the compliance procedures you need to have in place to prevent breaches and pass audits. . Furthermore, HIPAA compliance is complicated. Annual Training.

HIPAA

HIPAA Compliance

HIPAA Compliant Cloud Storage: How to Pick the Right Solution

Compliancy Group

DECEMBER 9, 2022

This may include backups, fileshare platforms, hosted VoIP, or any other cloud apps that have access to client data. Your healthcare clients need to trust that you are using HIPAA compliant tools to manage their data, including the cloud storage solution you use. What’s Your HIPAA Responsibility. Confidentiality.

HIPAA

HIPAA Compliance

HHS Raises Awareness of Threats to Electronic Health Record Systems

HIPAA Journal

FEBRUARY 21, 2022

Malware and ransomware infections often start with phishing emails, so email security solutions should be implemented, and end users should receive training to help them identify phishing emails and other email threats. Consider using a VPN solution to prevent exposing RDP. Attacks on Remote Desktop Protocol (RDP) are also common.

Ransomware

Ransomware Fraud HIPAA Health Insurance

Data Breaches Reported by New Jersey Brain and Spine, Highmark Inc. and Dialyze Direct

HIPAA Journal

MARCH 23, 2022

NJBS said that following the breach, several steps were taken to better protect patient data, including implementing 2-factor authentication, migrating patient data to a third-party hosted cloud-based platform, and installing a new server. and Dialyze Direct appeared first on HIPAA Journal. Highmark Inc.,

HIPAA

HIPAA Licensing Health Insurance Governance

Over 10,000 Organizations Targeted in Ongoing MFA-Bypassing Phishing and BEC Campaign

HIPAA Journal

JULY 13, 2022

The user is redirected to a website that hosts a popular open source phishing kit, which is used to harvest credentials. Defending against these attacks requires advanced email security solutions that scan inbound and outbound emails and can also block access to malicious websites – an email security solution and a DNS filter for instance.

HIPAA

Update on MOVEit Vulnerability Exploitation and Extortion: Victims Given Until June 14 to Pay Ransoms

HIPAA Journal

JUNE 9, 2023

The Clop ransomware gang and associated FIN11 threat group were suspected of involvement in the mass exploitation of the vulnerabilities as they had previously targeted vulnerabilities in file transfer solutions, exploiting zero-day vulnerabilities in the Accellion FTA and Fortra’s GoAnywhere MFT.

Ransomware

Ransomware HIPAA Public Health Governance

November 8, 2023, Healthcare Data Breach Round-Up

HIPAA Journal

NOVEMBER 8, 2023

While NoEscape claimed on its data leak site to have stolen around 60GB of data, including the personal information of 30,000 patients, the listing has since been removed, which usually means a ransom has been paid, although this has not been confirmed by the HIPAA Journal.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Associates in Dermatology Patients Affected by Business Associate Ransomware Attack

HIPAA Journal

MARCH 23, 2023

Virtual Private Network (VPN) Solutions provides electronic medical record management services to healthcare providers and Associates in Dermatology used its TouchChart software to host patient data. Most of those files did not contain patient data, but VPN Solutions said some of the files could be linked to patient names.

Ransomware

Ransomware Electronic Medical Records Records Management HIPAA

Semafone Integrates with Epic to Secure Healthcare Payments

HIT Consultant

AUGUST 19, 2021

What You Should Know: – Today Semafone , a provider of data security solutions for call and contact centers, has announced an integration with EHR provider Epic to protect payment data and enhance the patient experience. Cardprotect Voice+ Solution Overview. healthcare system is a heavily regulated and complex environment.

Fraud

Fraud HIPAA Governance Compliance

Leading Healthcare CISOs Join Forces to Solve Third Party Risk Management Challenges

HIPAA Journal

JANUARY 13, 2023

The Health3PT initiative aims to evaluate, identify, and implement actionable and practical solutions that healthcare organizations can adopt to provide more reliable assurances, consistent information security program reporting, and gain better visibility into downstream relationships with third parties.

HIPAA

HIPAA Public Health

Featured Health IT Job: Manager – Senior Cyber Security Architect

Healthcare IT Today

JULY 6, 2022

In this role, you will have the opportunity to contribute to program operations and proposal solution development as well as contributing to the cybersecurity posture of Moffitt. Cloud Security experience in support of AWS, GCP, and MS Azure cloud hosting environments. Experience with the Cyber Kill Chain and enterprise solutions.

HIPAA

HIPAA Compliance

5G’s Role in Improving Quality and Reach of Healthcare

HIT Consultant

OCTOBER 31, 2023

Robin Manke-Cassidy, Director, Solution Marketing at Cradlepoint In the world of healthcare, new technologies aren’t just about being on the cutting edge of the latest trend. Private 5G has a host of security measures built into the cellular network.

Hospitals

Hospitals HIPAA Doctors Compliance

Microsoft End of Support 2021

Total HIPAA

JANUARY 18, 2021

Every year, we publish Microsoft’s End of Support list because using up-to-date programming is key for HIPAA compliance. So, what does this mean for users who need to stay HIPAA compliant ? Under the HIPAA Security Rule 45 C.F.R. Host Integration Server 2010. HIPAA Compliance. January 12, 2021. April 13, 2021.

HIPAA

HIPAA Compliance

Basic HIPAA Guidelines: Annual Update 2022

Total HIPAA

AUGUST 8, 2022

We recently hosted a webinar, “Annual HIPAA Requirements and Security Standards,” in which we discussed annual HIPAA requirements, document review, and the compliance procedures you need to have in place to prevent breaches and pass audits. Furthermore, HIPAA compliance is complicated.

HIPAA

HIPAA Compliance

Profitable Digital Health Platform Healthie Closes on $16M to Enable the Next Generation of Healthcare Delivery

Healthcare IT Today

JULY 26, 2022

Historically, these solutions were delivered as separate tools that companies were forced to integrate, or build in-house, which is timely and expensive. Healthie hosts more than 1 million electronic health records and startups using Healthie have raised more than $700 million in venture capital. About Healthie.

Health Outcomes

Health Outcomes HIPAA Compliance Telemedicine

Creating a Compliance Risk Management System

Compliancy Group

MARCH 14, 2024

These threats or hazards can arise in many ways, causing a host of issues and liabilities. Healthcare violations – healthcare is one of the most stringent industries, and noncompliance can result in HIPAA , OSHA , or other government violations. Keep a record of all your efforts for both internal and external audits.

Compliance

Compliance Governance HIPAA

VA still facing interoperability, scaling challenges amidst COVID-19

Healthcare IT News - Telehealth

OCTOBER 26, 2021

The symposium, which was hosted in partnership with the Digital Medicine Society, convened federal officials and industry partners to discuss the most pressing issues facing the agency – and healthcare as a whole. But data silos present a hurdle, as does the capability to scale products across an enterprise.

COVID-19

COVID-19 Ransomware Hospitals HIPAA

Healthie Raises $16M to Enable Infrastructure Platform for Digital Health Companies

HIT Consultant

JULY 19, 2022

Full-Stack Solution Designed for Modern Healthcare Delivery. To date, Healthie hosts more than 1 million electronic health records and startups using Healthie have raised more than $700 million in venture capital.

HIPAA

HIPAA Compliance

What the US Healthcare IT Industry Can Learn from the EU Digital Services Act

HIPAA Journal

SEPTEMBER 5, 2023

The Act applies to all conduit, caching, and hosting services accessible by EU citizens regardless of where the service provider is based (similar to the General Data Protection Regulation ). Strictly speaking, such a website fulfils the definition of an online platform because users can interact with it. My Body, My Data Act”).

Compliance

Compliance HIPAA Governance Fraud

What Are the Main Hazards in Healthcare Workplaces?

Compliancy Group

FEBRUARY 21, 2024

These are all reasons why more organizations are seeking OSHA compliance solutions that include additional coverage, such as HIPAA compliance monitoring, tailored training, and guidance that includes other risks beyond the workplace, such as COVID-19. The most common answer is the host employer.

Compliance

Compliance Compliance Officers COVID-19 HIPAA

IT Infrastructure: Creating A Culture of Security In Your Hospital & Health System

HIT Consultant

MAY 4, 2023

But with so many competing training programs — everything from HIPAA and regulatory compliance to handwashing and job-specific training — it’s difficult to break through the noise and gain traction. By partnering with healthcare organizations through a host of managed service offerings and technical security solutions.

Hospitals

Hospitals Regulatory Compliance HIPAA Compliance

Unique Factors to Consider When Selecting Enterprise Data Platforms for Virtual Healthcare Apps

HIT Consultant

DECEMBER 21, 2021

Developing virtual healthcare solutions is a daunting task. As a healthcare technology solution provider targeting the remote care market, you’re required to have both the clinical and the technological expertise needed to design, build and integrate a complete solution that can address the challenges with virtual patient care and monitoring.

Hospitals

Hospitals Health Insurance HIPAA

700,000 Highly Sensitive School Records Exposed Online

HIPAA Journal

JULY 31, 2023

The database was hosted in a cloud storage repository and had been mistakenly configured to be non-password protected. On June 2, 2023, Harris Health System was notified about a zero-day vulnerability in the MOVEit Transfer file transfer solution. He said the database was a goldmine for criminals on many levels.

Health Insurance

Health Insurance Hospitals HIPAA Licensing

Top 7 Cybersecurity Vulnerabilities for Healthcare Organizations

HIT Consultant

AUGUST 13, 2023

The size and complexity of cybersecurity attacks today is forcing healthcare providers to outsource these responsibilities to IT professionals who can maintain a robust defense to ensure the privacy of patient records and compliance with regulatory standards like the Health Insurance Portability and Accountability Act (HIPAA). Legacy systems.

Ransomware

Ransomware Fraud Health Insurance HIPAA

Webinar Next Week: 12/14/2022: Solving HIPAA Compliance (Software Demonstration)

SysAid Zero-Day Vulnerability Exploited to Deploy Clop Ransomware

Trending Sources

HPH Sector Urged to Make FIN11 Threat Group a Priority for Security Teams

Lawsuit Filed Against Conifer & Tenet Healthcare Over Email Account Breach

How to Ensure HIPAA Compliance While Storing PHI on the Cloud

Preserving Patient Confidentiality: Prioritizing Security in Healthcare Facilities

How to Maintain HIPAA Compliance in Public Cloud Environments

Warning Issued About Access:7 Vulnerabilities Affecting IoT and Medical Devices

How to Overcome HIPAA Myths to Enhance the Protection of Healthcare Data

Third-party data breach round-up: mscripts, Diligent, Mailchimp

HC3 Warns of Threat of Unauthorized Remote Access via ScreenConnect Tool

Unsecured Database Exposed 16,000+ Children’s Records

OCR Settles HIPAA Investigation with Business Associate

Hive Ransomware Operation Disrupted as FBI Seizes the Gang’s Infrastructure

How athenaTelehealth boosted one hospital's patient and provider satisfaction

2023 HIPAA Year-End Wrap-Up: HHS Issued $4 Million in Fines, Breaches Affected 109M Patients

HSCC Issues Guidance for Healthcare Organizations on Managing Legacy Technology Security

Hackers Increasingly Targeting Cloud Apps for Distributing Malware

OSHA and HIPAA Training for Medical Offices: Ensuring Compliance in the Digital Age

What to Look For With HIPAA Certified Cloud Services

Five Key Takeaways from Our July Webinar

HIPAA Compliant Cloud Storage: How to Pick the Right Solution

HHS Raises Awareness of Threats to Electronic Health Record Systems

Data Breaches Reported by New Jersey Brain and Spine, Highmark Inc. and Dialyze Direct

Over 10,000 Organizations Targeted in Ongoing MFA-Bypassing Phishing and BEC Campaign

Update on MOVEit Vulnerability Exploitation and Extortion: Victims Given Until June 14 to Pay Ransoms

November 8, 2023, Healthcare Data Breach Round-Up

Associates in Dermatology Patients Affected by Business Associate Ransomware Attack

Semafone Integrates with Epic to Secure Healthcare Payments

Leading Healthcare CISOs Join Forces to Solve Third Party Risk Management Challenges

Featured Health IT Job: Manager – Senior Cyber Security Architect

5G’s Role in Improving Quality and Reach of Healthcare

Microsoft End of Support 2021

Basic HIPAA Guidelines: Annual Update 2022

Profitable Digital Health Platform Healthie Closes on $16M to Enable the Next Generation of Healthcare Delivery

Creating a Compliance Risk Management System

VA still facing interoperability, scaling challenges amidst COVID-19

Healthie Raises $16M to Enable Infrastructure Platform for Digital Health Companies

What the US Healthcare IT Industry Can Learn from the EU Digital Services Act

What Are the Main Hazards in Healthcare Workplaces?

IT Infrastructure: Creating A Culture of Security In Your Hospital & Health System

Unique Factors to Consider When Selecting Enterprise Data Platforms for Virtual Healthcare Apps

700,000 Highly Sensitive School Records Exposed Online

Top 7 Cybersecurity Vulnerabilities for Healthcare Organizations

Stay Connected