Feds Push Cyber Insurance for Healthcare Industry

The HHS 405(d) Program (see below) is an industry group supported by the U.S. Department of Health and Human Services (HHS) that is attempting to improve cyber security in the health industry. See examples of its resources and projects here. (We’ve reported numerous stories on cyber insurance for healthcare organizations and hospitals.) The HHS program … Read more

Cyber Insurance Helps Hospital Recover from Hack & Identify Location of Stolen Data

“This past summer’s cyber attack on (New York state’s) Claxton-Hepburn Medical Center in Ogdensburg and Carthage Area Hospital consumes CEO Rich Duvall’s day-to-day job…Not paying the ransom, dealing with the hack almost daily with rebuilding a system, paying lawyers, and working with the IT team and consultants has to be costly,” this article reports. The … Read more

Lafourche Medical Group Settles with HHS in First-Ever Phishing Case

In a landmark move, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with Lafourche Medical Group, a Louisiana-based healthcare provider. This marks the first-ever settlement by OCR regarding a phishing attack under the Health Insurance Portability and Accountability Act (HIPAA). The settlement stems from a 2021 incident … Read more

Ardent Health Services Addresses Cybersecurity Incident

Healthcare provider Ardent Health Services faces a cybersecurity challenge with a ransomware attack affecting its information technology systems. While the full extent of compromised patient health or financial data is unknown, Ardent emphasizes patient safety as its top priority. In a statement, Ardent said they “became aware of an information technology cybersecurity incident on the … Read more

×