Privacy & Security

The watchdog agency said that it found the existing coordination agreement does not reflect "organizational and procedural changes," including the FDA's authority to find that medical devices in use violate federal law. 

The hospital "failed to handle its patients’ health information with care," said Attorney General Letitia James. It has pledged to update its policies on third-party tools, ensure deletion of PHI gathered by those tools and boost its privacy safeguards.

Being a cybersecurity professional has its difficulties – like tackling bad actors and working out how AI can improve or hinder strategies to ensure healthcare system security, says Richard Staynings, chief security strategist at Cylera.

Australia's largest not-for-profit health and aged care provider is still figuring out which data were "removed" by hackers.

The HHS 405(d) program has new resources to help small to large healthcare organizations navigate what's important when implementing cyber insurance.

The DOJ announced that the FBI also has decryptor keys for Blackcat ransomware victims and will "prioritize disruptions" as it works to "dismantle the ecosystem fueling cybercrime."

By creating new definitions and revising others, the proposed rule targets health and wellness technology companies operating outside of HIPAA and qualitatively expands the scope of what constitutes a PHR.

Hospitals also worry about the lack of digital talent and the incompatibility of various digital solutions. 

One industry observer notes the massive digital transformation in how care is accessed and the historic increases in cyberattacks have been pushing more provider organizations to expect much more from their IT vendors.

The National Institute of Standards and Technology created guidance for evaluating differential privacy algorithms that could allow data to be publicly released without revealing the individuals within the dataset.