Disclaimer: This blog article was written by an AdvancedMD partner. The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the official policy or position of AdvancedMD.
A roundup of HIPAA related news for the week of August 20, 2024 includes North Korea facing charges on ransomware attacks against US hospitals, a background check firm confirming a security breach, cyber insurance claims falling, and more.
Many healthcare organizations have been the victim of breaches and cyberattacks. Some organizations in the UK have started fighting back by preparing for attacks and recovering without paying ransom.
It is impossible to be bullet proof when it comes to these sophisticated hackers and cyber criminals, but it is important to do the best we can to protect our personal and patient data and to be ready to respond when something goes wrong.
For more information on how to minimize the chance of a HIPAA event at your practice and how to be prepared to respond to an event reach out to TLD Systems at Contact | TLD Systems.
Beyond the Golden Hour: Why healthcare is uniquely vulnerable to attack (Health Data Management)
Ransomware and other system interference attacks are dangerous because they risk patients’ lives, and attackers capitalize on this risk.
Florida-Based Drug Testing Lab Says 300,000 Affected in Hack (Govinfosecurity.com)
Florida drug testing medical laboratory American Clinical Solutions told federal regulators that 300,000 individuals are caught up in a hacking incident now that criminal gang RansomHub has published 700 gigabytes worth of data stolen from the lab’s network.
McLaren confirms it was hit with ransomware; disruptions to last until September (HealthExec)
On Aug. 7, McLaren Health Care—a 13-hospital system in Michigan—announced it had been hit with a cyberattack, forcing it to postpone some non-emergency care services. Now, McLaren has confirmed the incident was a ransomware attack.
Alabama Cardiovascular Group suffers healthcare data breach (Tech Target)
Alabama Cardiovascular Group filed a report with HHS confirming that more than 280,000 individuals were affected by a healthcare data breach. On July 2, 2024, ACG discovered unauthorized activity on its computer network.
Carespring Healthcare Management Data Breach (JD Supra)
On August 15, 2024, Carespring Healthcare Management, LLC (“Carespring”) filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on its computer network.
UPDATE: American Clinical Solutions Files Official Notice of Data Breach with Federal Government (JD Supra)
On July 24, 2024, American Clinical Solutions (“ACS”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party was able to access confidential information in the company’s possession.
Mid-Columbia Center for Living gives notice of data security incident (Columbia Gorge News)
Mid-Columbia Center for Living (“MCCFL”) announced today that it will be notifying certain current and former clients that their personal information may have been accessed as part of a business email compromise.
Background Check Firm National Public Data Confirms Breach (Govinfosecurity.com)
Background check firm National Public Data is notifying 1.3 million individuals that their personal information was stolen in a December 2023 breach of its systems.
Georgia hospital hit with ransomware (Beckers Health IT)
On June 3, a hacker gained access to Jesup, Ga. based Wayne Memorial Hospital’s network, encrypted some of its data and left a ransom note on the network, the hospital said in a notice.
North Korean charged in ransomware attacks on American hospitals (MSN Network)
A man who allegedly carried out cybercrimes for a North Korean military intelligence agency has been indicted in a conspiracy to hack American health care providers
Cyber insurance claims fall as businesses refuse ransom payments and recover themselves (Le Lizard)
an annual survey of 500 UK IT decision makers found that while more organizations than ever have cyber insurance, the number of claims is down.
Iran behind cyberattacks against presidential campaigns (SC Media)
Iran has been blamed by U.S. intelligence agencies for being the perpetrator of attempted compromise of the campaigns of President Joe Biden and former President Donald Trump
