Data Privacy, Data Security, Healthcare Hospital Sisters Health System’s 2023 Cyberattack Impacted Nearly 900,000 Individuals Marianne Kolbasuk McGee (HealthInfoSec) • October 2, 2025 Hospital Sisters Health System has agreed to a $7.6 million settlement and further bolster its data security measures following a significant hacking incident in 2023. (Image: HSHS)…
Fraud Management & Cybercrime, Healthcare, Industry Specific 2024 Cyberattack Targeted Multiple Blood Suppliers Across the US and UK Marianne Kolbasuk McGee (HealthInfoSec) • September 29, 2025 OneBlood has consented to pay $1 million as part of a settlement pertaining to a 2024 ransomware attack that compromised data from approximately 170,000…
Recent updates to Texas health information legislation, which came into effect on September 1, introduce several critical provisions with implications for artificial intelligence and health record data management. Regulatory attorney Rachel Rose outlines the significance of this new state law, especially for organizations within the healthcare sector. Texas Senate Bill…
The group known as Silk Typhoon—previously referred to as Hafnium—has shifted its focus from exploiting vulnerabilities in Microsoft Exchange servers to targeting the information technology (IT) supply chain. This change in strategy aims to gain initial access to corporate networks, according to the Microsoft Threat Intelligence team’s recent report. Silk…
Commvault, a prominent player in cyber resilience and data protection solutions for hybrid cloud environments, has recently expanded its HyperScale portfolio with the introduction of HyperScale Edge and HyperScale Flex. These solutions aim to address the growing data security concerns of modern enterprises operating in remote offices and edge environments—locations…
Data Privacy, Data Security, Healthcare HHS Transfers 42 CFR Enforcement Responsibilities to Office of Civil Rights Amid Significant Restructuring Marianne Kolbasuk McGee (HealthInfoSec) • August 27, 2025 HHS shifts the regulatory oversight of substance abuse disorder record confidentiality from SAMHSA to HHS OCR, which also manages HIPAA enforcement. (Image: HHS)…
Data Privacy, Data Security, Healthcare Nuance Reaches Settlement Amid Ongoing MOVEit Litigation Marianne Kolbasuk McGee (HealthInfoSec) • August 21, 2025 Image: Nuance, Progress Software Nuance Communications, a subsidiary of Microsoft, has consented to pay $8.5 million to resolve a class action lawsuit stemming from a 2023 cyberattack that exploited a…
Data Privacy, Data Security, Fraud Management & Cybercrime Inotiv Inc. Reports Disruptions Due to Cyberattack Marianne Kolbasuk McGee (HealthInfoSec) • August 20, 2025 Inotiv has informed the SEC that a cyberattack on August 8 has compromised its IT systems. (Image: Inotiv) Inotiv, a contract research organization based in Indiana, disclosed…
Data Privacy, Data Security, Healthcare <span class=”article-sub-title”>Settlement Includes Corrective Action Plan Aimed at Enhancing Risk Analysis</span> <span class=”article-byline”> <a class=”author-link” href=””>Marianne Kolbasuk McGee</a> (<a href=””><i class=”fa fa-twitter”/>HealthInfoSec</a>) • <span class=”text-nowrap”>August 18, 2025</span> <a href=””/> </span> <figure> <img src=”” alt=”Accounting Firm Pays Feds $175K for HIPAA Ransomware Breach” class=”img-responsive”/> <figcaption>Image: BST</figcaption>…
