From the Office of Attorney General Maura Healey, an announcement of a settlement in the wake of insider breaches: BOSTON — UMass Memorial Medical Group Inc. and UMass Memorial Medical Center Inc. will pay a total of $230,000 to resolve claims that two separate data breaches exposed the personal and health information of more than…
Category: Health Data
Ransomware attacks against hospitals: A timeline
Seth Rosenblatt and Pinguino Kolb report: Ransomware attacks are serious business for hackers―and often completely avoidable. Hospitals and health care systems, now in the business of collecting patient data as a side effect of treating physical maladies, struggle to keep that information secure. While there’s no ransomware-specific cost estimate to the health care business, Verizon’s…
Commentary: What Constitutes Negligence in Company Data Breaches?
Amy L. Hanna Keeney of Adams and Reese writes about an opinion in a court case that stemmed from one of TheDarkOverlord’s hacks: their attack on Athens Orthopedic Clinic (AOC). I had covered that breach extensively, including commenting on the fact that AOC did not offer any free services to patients whose data had not…
PA: Independence Blue Cross and subsidiaries notifying members whose PHI was mistakenly exposed on public web site
John George reports: Independence Blue Cross and its subsidiaries AmeriHealth HMO and AmeriHealth Insurance Co. of New Jersey have alerted certain members of a recent incident involving a potential privacy issue related to protected health information. […] “We quickly launched an investigation to determine the nature and scope of this incident, working with a leading…
Russians tried to hack Swiss lab testing samples from Skripal attack
Sean Gallagher reports: Last Friday, Dutch officials revealed that they had arrested and expelled two alleged Russian intelligence agents who were caught attempting to hack into the Spiez Laboratory, a Swiss national laboratory that is home to the Swiss Federal Institute for NBC (Nuclear, Biological, and Chemical) Protection. The Spiez lab was testing two sets…
FDA aims to strengthen cybersecurity of medical devices
Danielle Brown reports: The Food and Drug Administration (FDA) is working to strengthen the cybersecurity of medical devices in the wake of computer-hacking threats, according to a report by the Star Tribune. According to the report, FDA staff members are examining companies’ “preparations for potential computer-hacking threats to devices that millions of Americans depend on.”…