Editor's Note Healthcare industry groups are calling for the federal government to streamline and ease the recently proposed cybersecurity incident reporting rule by the Cybersecurity and Infrastructure Security Agency (CISA), Fierce Healthcare reported July 8. According to the report, CISA's proposal imposes enhanced reporting requirements for critical infrastructure entities, including…
Editor's Note Although SecurityScorecard gave the US healthcare a “better than expected” B+ rating for cybersecurity in 2024, the supply chain cybersecurity firm also highlighted significant risks in application and endpoint security, HealthcareIT News reported June 25. Overall, 35% of third-party data breaches in 2023 affected healthcare organizations, the…
Editor's Note A June 24 advisory from the FBI and Department of Health and Human Services warns healthcare organizations about attempts to steal payments through phishing and social engineering tactics, according to a post from the American Hospital Association (AHA). The attackers target employee email accounts to access login information…
Editor's Note Qilin, a ransomware group based in Russia, claimed responsibility for a cyberattack against pathology services provider Synnovis that paralyzed London Hospitals and is now requesting $50 million, Becker’s Health IT reported June 20. Citing a report from Bloomberg, the article notes that the attack disrupted services at London-based hospitals…
Editor's Note Change Healthcare has started to notify health care providers about patient data stolen in the February cyberattack and announced plans to mail affected individuals as well. A unit of UnitedHealth Group, the organization issued the update June 20. “CHC is providing this notice now to help individuals understand…
Editor's Note The Centers for Medicare & Medicaid Services (CMS) has announced assistance for providers affected by the Change Healthcare cyberattack ends next month. According to the June 17 announcement, payments under the Accelerated and Advance Payment (AAP) Program for the Change Healthcare/Optum Payment Disruption (CHOPD) will end July 12,…
Editor's Note Ascension has restored electronic health records (EHRs) throughout all hospitals and clinics nationwide, according to a June 14 update from the St. Louis-based health system. "Clinical workflow in our hospitals and clinics will function similarly to the way it did prior to the ransomware attack," the statement reads,…
Editor's Note Personal patient data could have been compromised in the May 8 cyberattack on Ascension, according to the latest update from the St. Louis-based healthcare system. Posted June 12, the update reveals that attackers accessed files from seven out of 25,000 file servers used for routine tasks, potentially containing…
Editor's Note Microsoft and Google announced they will offer free or discounted cybersecurity services to rural hospitals in the U.S. to help protect against cyberattacks, CNN reported on June 10. According to the article, Microsoft will provide free security updates, assessments, and staff training, while Google will offer free cybersecurity…
Editor's Note Ascension, a 140-hospital, St. Louis-based health system disrupted by a May 8 cyberattack, has announced that its electronic medical record (EHR) will be restored by June 14. Becker’s Health IT reported the news June 5. According to that article, the restoration of systems comes after medical records have…