Biotech firm Enzo Biochem has agreed to pay $7.5 million to settle a consolidated proposed class action lawsuit involving a 2023 ransomware attack affecting 2.5 million people. The company has already paid $4.5 million in fines to three state attorneys general for the same incident.
Wolf Haldenstein Adler Freeman & Herz LLP, a law firm that represents consumers in data breach lawsuits, has reported to regulators its own 2023 hack affecting more than 3.4 million individuals. The incident isn't the first time a law firm that handles data breach litigation reported a major hack.
Faced with this onslaught of smart, connected medical equipment, many healthcare providers are looking for device cybersecurity strategies and ways to help make these products more secure. Experts say it requires ongoing commitment to device security - something many providers haven't yet done.
A medical supply firm will pay $3 million to settle issues found by a HIPAA investigation into a breach. Also, a public health system will pay $60,000 to resolve a right-of-access dispute. The cases are among the latest in a spate of HIPAA enforcement actions as the Biden administration wraps up.
Six months after a ransomware attack temporarily crippled its blood donation and distribution activities, Florida-based nonprofit OneBlood is reporting a data breach to regulators that affected donors' personal information. Why is the incident reawakening healthcare supply chain concerns?
Federal regulators are reminding healthcare providers, insurers and other regulated firms of their duty to ensure that AI and other emerging technologies for clinical decision making and patient support are not used in a discriminatory manner - and comply with HIPAA.
With 10 days left in office, the Biden administration releases an artificial intelligence strategic plan for the U.S. Department of Health and Human Service. HHS calls the plan a "comprehensive roadmap," outlining the department's "commitment to trustworthy, ethical and equitable AI use."
Tampa General Hospital has agreed to pay $6.8 million to settle a proposed consolidated federal class action lawsuit filed in the wake of the 2023 data theft incident affecting about 2.1 million people. How might a potential update to the HIPAA Security Rule affect similar lawsuits moving forward?
Many important efforts by the Cybersecurity Infrastructure and Security Agency to help the healthcare sector and other critical infrastructure sectors bolster their cybersecurity are likely to continue under the incoming Trump administration, predicted CISA Deputy Director Nitin Natarajan.
A Florida-based behavioral health holding company has paid federal regulators a $337,750 HIPAA settlement for a 2018 incident involving the deletion of electronic protected health information pertaining to nearly 3,000 patients. How should other entities avoid these data loss situations?
From application security to zero trust, it's been a busy four years for the current leaders of the U.S. Cybersecurity and Infrastructure Security Agency. Deputy Director Nitin Natarajan discusses the agency's accomplishments and the threats that await the next administration's cyber leaders.
A Massachusetts firm that provides billing and other services to home health agencies and a Virginia-based data hosting and cloud provider are the latest companies paying federal regulators settlements. HHS levied $170,000 in fines following investigations into ransomware breaches.
Manufacturers are eager to incorporate AI into a wide range of medical devices, from cardiac monitors that can spot developing heart problems to medical imaging systems that can find malignancies a radiologist might miss. The FDA released a new guidance this week on how to secure these devices.
Certain vulnerabilities in device maker Illumina's iSeq 100 DNA gene sequencer could allow hackers to overwrite the system's firmware to render the device unusable or to install a firmware implant for ongoing attacker persistence, said researchers at Eclypsium who identified the flaws.
Richmond University Medical Center, a 440-bed teaching hospital on Staten Island, N.Y, is notifying 674,000 people of a data theft that happened 18 months ago. The breach was part of a ransomware attack that disrupted the organization's IT systems for several weeks in spring 2023.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
