David DiMolfetta reports: Around 350 of some 1,800 small and rural U.S. hospitals are leveraging free and low-cost private sector cybersecurity resources that were marshaled by the White House this summer, a top White House cyber official said Tuesday. Deputy National Cyber Director for Cybersecurity and Emerging Technology Anne Neuberger provided the update at the…
Category: Health Data
Business Associate Agreements Matter: Demystifying the Perceived Simplicity of HIPAA Agreements
Shalyn Watkins of Holland & Knight writes: For most healthcare providers and businesses, signing a Business Associate Agreement (BAA) is a standard practice. When contracting to provide services with an entity governed by the Health Insurance Portability and Accountability Act (HIPAA), it is a requirement that the entity enter into a business associate contract, also…
How many times has Carespring Health Management been attacked since last year? (1)
In October 2023, Carespring Health Care Management was the victim of a ransomware attack. It was not announced on its website, but in November, Carespring was listed on the NoEscape ransomware gang’s site. At the time, the threat actors claimed they had encrypted Carespring’s files and exfiltrated 364 GB of files. The incident never appeared…
From the “I Wouldn’t Hold My Breath Department”
We understand why courts issue such injunctions and rulings, but still… PA News Agency reports: Hackers responsible for a cyber attack that led to more than 10,000 NHS appointments being cancelled have been ordered by a High Court judge to “unmask” themselves and return or delete stolen data. Pathology services provider Synnovis was targeted by…
Three State Attorneys General Secure $4.5 Million from Enzo Biotech for Failing to Protect Health Data of 2.4 Million Patients
NEW YORK – New York Attorney General Letitia James and the attorneys general of Connecticut and New Jersey today secured $4.5 million from Enzo Biochem, Inc. (Enzo) for failing to adequately safeguard the personal and private health information of its patients. Enzo is a biotechnology company that offers patients diagnostic testing at its laboratories in New York,…
Update: Gramercy Surgery Center attackers leaked patient data going back 20 years (1)
On June 18, Gramercy Surgery Center in New York discovered it might have been the victim of a cyberattack attack. It had been, and DataBreaches recently reported that the threat actor(s) known as Everest Team leaked more than 460 GB of files they claimed to have exfiltrated. Neither Gramercy Surgery Center (GSM) nor Everest responded…