Data Security

HHS OCR’s Fourth Ransomware Investigation + Settlement: Key Takeaways for Healthcare Providers

By Joseph J. Lazzarotti on October 2, 2024

The Office for Civil Rights (OCR) has announced its fourth cybersecurity investigation and settlement, noting a 264% increase in significant ransomware breaches since 2018. A recent settlement with a medium-sized healthcare provider involved a $250,000 payment and commitments to enhance the security of Protected Health Information (PHI). This investigation and settlement underscore the critical need…

OCR Official Speaks About Compliance Concerns for HIPAA Covered Entities and Business Associates

By Joseph J. Lazzarotti on August 21, 2023

Posted in Healthcare

What do ransomware, Yelp, and website tracking technologies all have in common? They are troubling areas of concern for HIPAA covered entities and business associates, according to one official from the federal Office for Civil Rights (OCR) which enforces the HIPAA privacy and security rules. Recently, the Executive Editor of Information Security Media Group’s (ISMG’s)…

Getting Healthcare in 2023 and Beyond…Virtually…and Securely

By Michael R. Bertoncini on January 17, 2023

Posted in Uncategorized

Much is being written about “remote work” – is it productive, will demand for it continue or be curtailed in a recession, is cybersecurity compromised, does it inhibit workplace culture, collaboration, etc. Lots of questions, few clear answers. Read more at our Workplace Privacy, Data Management & Security Report.

FDA Names First Acting Director of Medical Device Cybersecurity

Posted on February 24, 2021

Posted in Privacy

The U.S. Food and Drug Administration (FDA) named University of Michigan Associate Professor Kevin Fu Acting Director of Medical Device Security in its Center for Devices and Radiological Health. This is a newly created 12-month post in which Fu will “work to bridge the gap between medicine and computer science and help manufacturers protect…

Legislators and Regulators Weigh in On Privacy and Data Security Protections for Healthcare Providers Amid COVID-19 Pandemic

Posted on May 8, 2020

Posted in Policies, Privacy

As they work to combat the surging COVID-19 virus, healthcare providers recently were reminded by legislators and regulators of the importance of data security and privacy protections. Read more here.

Small Michigan Medical Practice to Close Following Ransomware Attack

By Joseph J. Lazzarotti on April 16, 2019

Posted in Healthcare

Small and midsized enterprises (SMEs) continue to be targeted by ransomware, phishing and other cyberattacks; the consequences of which could be devastating. Those consequences include putting SMEs out of business, which is unfortunately the case for one small medical practice in Battle Creek, Michigan, as reported by HIPAAJournal. Our colleagues in the Privacy, Data…

Healthcare Workplace Update