The Department of Health and Human Services has issued a new proposed rule to better align the HIPAA privacy and breach notification rules with regulations involving the confidentiality of records pertaining to patients receiving treatment for substance use disorders.
Healthcare providers and their vendors often fear federal regulatory action, but do fines and corrective action many any difference at all? As breach cases have nearly doubled since 2018, federal fines dropped 93% in 2022, and some say the agency is understaffed and crippled by legal challenges.
Is the ransomware problem getting better or worse? Unfortunately, gauging attack trends continues to be complicated by the fact that many incidents never come to light publicly and many victims are hesitant to say "ransomware" when describing what hit them, says Comparitech's Rebecca Moody.
RegScale has purchased a startup founded by the FCC's former chief data officer that makes documenting compliance easier for nontechnical personnel by using a questionnaire. The GovReady deal means customers will be able to demonstrate their adherence to standards by answering questions.
Cybersecurity experts warn that large healthcare and public sector organizations are continuing to get hit by "big-game hunting" attackers wielding Lorenz ransomware. Among the group's known victims are Wolfe Eye Clinic in Iowa and Salud Family Health of Colorado.
Pro-Kremlin KillNet hackers took down the website of the European Parliament on Wednesday in a DDoS attack that came just hours after the legislative body declared Russia a terrorist state. The website was still down late in the day as part of a string of hacktivist attacks against allied nations.
The U.S. government seized seven fake cryptocurrency domains used in a confidence scam based on long-term emotional manipulation of victims that netted criminals more than $10 million. Perpetrators scammed five victims by spoofing the website of the Singapore International Monetary Exchange.
Over 5,000 major health data breaches since 2009 have affected the personal information of 370 million people. Ransomware gangs and hackers are targeting healthcare providers, insurance firms and partners at an alarming rate. Experts explain why it's such a dangerous game.
Before the newly spotted AxLocker ransomware crypto-locks systems, it steals Discord tokens, which can be sold on cybercrime markets. Among Discord's many users are cryptocurrency and NFT enthusiasts, and experts say the stolen credentials facilitate attempts to socially engineer them.
Ten state attorneys general are urging Apple to address privacy and security gaps in third-party applications available on the App Store that track, collect or store reproductive health data. The letter comes as scrutiny intensifies over how large tech firms handle sensitive health data.
The nefarious LockBit 3.0 cybercriminal group is claiming responsibility for the ransomware attack that halted municipal services and shut down employee email accounts in Westmount, Quebec, giving the city a deadline of Dec. 4 to make an undisclosed ransom payment.
Banks are getting better at catching a wide range of scams targeted at customer accounts, but they are still struggling with stopping authorized payment fraud through peer-to-peer payment companies such as Zelle, says David Pollino, former divisional CISO with PNC Bank.
In Part 1 of this exclusive two-part series, Dr. Raj Iyer, CIO of the U.S. Army, lays out the vision for 2023-2024, which includes a tectonic shift from on-premises data centers to cloud and modernization and the migration of over 5,000 applications to augment war-fighting capabilities.
Authorities charged six people, including five former Tennessee hospital workers, with conspiracy in disclosing health data. Federal prosecutors say the six sold information about patients involved in motor vehicle accidents to third parties, including chiropractors and personal injury attorneys.
A top Georgia cybersecurity official urges industry leaders to shift conversations with customers from fear, uncertainty and doubt - or FUD - to awareness, preparedness and resilience. Stanton Gatewood says security officials should discuss user awareness and situational awareness with customers.