Data Privacy, Data Security, Healthcare FTC Asserts 23andMe’s Privacy Obligations Must Be Honored Amid Bankruptcy Marianne Kolbasuk McGee (HealthInfoSec) • March 31, 2025 Image credit: 23andMe The Federal Trade Commission (FTC) has issued a communication to the bankruptcy trustees of 23andMe, emphasizing that any prospective sale of the genetic testing…
The Food and Drug Administration (FDA) recently released draft guidance on artificial intelligence (AI)-enabled medical devices, signaling an increase in regulatory oversight in this evolving field. Dr. Scott Schell, the chief medical officer at IT consulting firm Cognizant, emphasized that although the guidance is non-binding, it represents a pivotal shift…
For executives in healthcare, ensuring security compliance transcends mere regulatory obligations; it is integral to safeguarding the organization’s reputation, minimizing risks, and guaranteeing business continuity. In particular, HITRUST CSF e1 or i1 certifications can markedly boost patient confidence and health plan assurance while curtailing security vulnerabilities. Such certifications also pave…
Healthcare, HIPAA/HITECH, Industry Specific HIPAA Compliance Audits Target Security Rule Provisions Amid Rising Cyber Threats Marianne Kolbasuk McGee (HealthInfoSec) • March 25, 2025 Image: Getty Images The U.S. Department of Health and Human Services (HHS) has initiated HIPAA compliance audits of covered entities and business associates, marking the first round…
Attack Surface Management, Healthcare, Industry Specific Health-ISAC and AHA Call for Enhanced Security Amid Terror Threats Marianne Kolbasuk McGee ( HealthInfoSec) • March 20, 2025 The Health ISAC and American Hospital Association have issued a warning for hospitals to improve their physical and cybersecurity measures in response to emerging terrorist…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Research Uncovers the Challenge of AI-generated Misinformation in Healthcare and Proposed Solutions Rashmi Ramesh (@rashmiramesh_) • March 18, 2025 Image: Shutterstock Artificial intelligence fundamentals are prompting a significant reevaluation among healthcare professionals and technologists regarding the safe utilization of AI…
Healthcare, HIPAA/HITECH, Industry Specific Health Industry Associations Express Concern Over Proposed Cybersecurity Regulations Marianne Kolbasuk McGee (HealthInfoSec) • February 27, 2025 A coalition of healthcare organizations urged the administration to withdraw the proposed HIPAA security rule update in a letter dated February 17 (Image: White House, CHIME, MGMA) A coalition…
Recent cyber activities linked to North Korean threat actors, particularly the Kimsuky group, demonstrate a notable evolution in their techniques. They are increasingly leveraging living-off-the-land (LotL) strategies, relying on common services to remain undetected. A recent operation, identified as “DEEP#DRIVE” by Securonix, exemplifies this trend, utilizing PowerShell scripts and Dropbox…
Artificial Intelligence & Machine Learning, Healthcare, Industry Specific Lawsuit Claims Insurer Misused AI in Denying Necessary Medical Care Marianne Kolbasuk McGee (HealthInfoSec) •February 14, 2025 Image: UnitedHealthCare A proposed class action lawsuit against UnitedHealth Group has gained judicial approval to progress. The case contends that UnitedHealthCare, the company’s insurance division,…
