Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Healthcare

Welltok's MOVEit Breach Continues; Another 2 Million Records Harvested

Welltok provides a multi-use platform allowing institutions and individuals to manage their health and well-being. It is a third-party solution that caters to clinics, health networks, industry leaders, and private clinics. They also offer personalized resources and solutions meant to improve the health and lives of applicable patients.

112k Records Stolen from Population Health Analytics Platform, HealthEC

HealthEC (HEC) is an analytics and AI-assisted solution that siphons all relative information about patients into cohesive packages. Their tech can identify high-risk patients and their barriers to optimal care while providing options to close these care gaps. The data comes from healthcare systems and integrates with claims data to represent the patient best.

The Ultimate Vendor Risk Management Guide For Healthcare

The healthcare industry stores an abundance of sensitive information and relies on third-party vendors for critical business services, two factors that make the sector a prime target for cyber attacks. In 2022, 707 data breaches compromised 500 or more patient accounts, according to report records from the Department of Health and Human Services’ Office For Civil Rights (OCR).

Welltok's MOVEit Breach Returns; Data Stolen from 17 West Virginia Hospitals

The West Virginia University Health System (WVUHS) contains multiple institution locations, hospitals, and clinics. Welltok is a communications platform that allows patients and physicians to speak while encouraging healthy lifestyles. Like thousands of other medical providers, Welltok utilizes a third-party vendor to manage and maintain patient information; this vendor is Progress Software’s MOVEit.

Oregon Healthcare Provider Suffers Employee Email Data Breach

In Oregon, the Neuromusculoskeletal Center of the Cascades and Cascade Surgicenter collectively are “The Center.” The professionals that work there are highly trained doctors from many fields, including physiatry, occupational medicine, neurosurgical, and orthopedic care. The Center serves central Oregon at three stand-alone clinics and rural treatment at six shared clinics.

Ransomware Hits Kentucky Healthcare Network, Exposing Data of 2.5 Million

Norton Healthcare consists of over 430 locations between Kentucky and Indiana. The clinics meet over two million a year, including adult and pediatric patients. The hospital offers one of the largest not-for-profit healthcare systems in the region and employs over 25,000 faculty members. Norton Healthcare is a community powerhouse in the region; this makes their announcement of a data breach all the more disturbing.

Quick Look at the New CISA Healthcare Mitigation Guide

It’s the small vines, not the large branches, that trip us up in the forest. Apparently, it’s no different in Healthcare. In November, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a Mitigation Guide aimed at the Healthcare and Public Health (HPH) sector.

New York Healthcare Provider Notified 600k Following Network Cyberattack

East River Medical Imaging (ERMI) has three locations in New York City and Westchester County. ERMI is a “multi-modality radiology center,” including patient-centered solutions like MRIs, CTs, ultrasounds, imaging, radiology, fluoroscopy, and x-rays. They have served New York since 1970 and have a long history of high-quality patient care. At the end of August, an unauthorized actor accessed their network—exposing sensitive information from employees and patients.

Wearable Apps for Health and Fitness: Investigating Their Future Potential

Recently, popular wearable applications have changed how we track our health and fitness objectives. These applications, intended for smartwatches and fitness trackers, provide several features to help people live healthier and more active lifestyles. This article will address wearable apps' advantages, market growth, prospective uses, difficulties, and solutions in the health and fitness business.

Data Classification for Compliance with PCI DSS, NIST, HIPAA and More

Data classification is essential for achieving, maintaining and proving compliance with a wide range of regulations and standards. For example, PCI DSS, HIPAA, SOX and GDPR all have different purposes and requirements, but data classification is necessary for compliance with all of them — after all, you need to accurately identify and tag health records, cardholder information, financial documents and other regulated data in order to protect that data appropriately.