While healthcare organizations continue to struggle with ransomware, they also suffer breaches when their employees make mistakes, like leaving a laptop in a car where it can be stolen.
As the plague of cyberattacks on health systems continues, HHS' Office for Civil Rights wants healthcare organizations to establish contingency plans to keep patient data secure.
HHS' Office for Civil Rights is investigating Banner Health following a 2016 cyberattack that may have affected 3.7 million patients. The Phoenix-based not-for-profit system anticipates that it may receive negative findings and be fined.
A Florida-based provider accused Allscripts of failing to take necessary precautions to prevent a ransomware attack that shut down its cloud-based EHR and forced clients to cancel business.
Medical devices that are connected to hospital computer systems create vulnerabilities that can be difficult to manage.
Hancock Health paid a roughly $55,000 ransom to hackers from an "unidentified criminal group" to regain access to hospital computer systems. The network said it found no evidence that patient information was adversely affected.
Florida officials say hackers may have accessed the personal information and medical records of up to 30,000 Medicaid recipients two months ago.
21st Century Oncology, a cancer-care provider, has agreed to pay HHS $2.3 million to settle allegations that it didn't implement proper protocols to protect patient information from hackers.
More than 18,000 Henry Ford Health System patients' personal health information was viewed or stolen in early October by an unknown person or entity who hacked the Detroit-based health system's electronic health records.
The data security breach at Equifax is a cautionary note to hospitals and payers to watch out for vendor vulnerabilities. Equifax is the financial verification vendor for the exchange marketplaces.
The announcement of the breach comes just over a month after Anthem reached the largest ever settlement in a data-breach case.
Anthem has reached a $115 million deal to settle lawsuits over a 2015 data breach in which hackers stole personal information from 78.8 million employees and current and former members.