Settlement Marks Fifth HIPAA Enforcement Action Tied to Risk Analysis Initiative In a significant settlement, a fitness and wellness services provider based in Illinois has agreed to a payment of nearly $228,000 to federal regulators following a breach incident attributed to IT misconfiguration. This settlement is the result of investigations…
New Insights on HIPAA Security Rule from Security Researcher In a recent development concerning healthcare cybersecurity, a security researcher has provided critical insights into compliance with the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. This exploration into HIPAA’s implications highlights ongoing vulnerabilities within the healthcare sector and raises…
Illinois Accountancy Firm Faces Legal Action Following Major Data Breach Affecting Over 217,000 Records A significant data breach has recently come to light involving an Illinois-based accountancy firm, which has sparked legal repercussions due to the exposure of more than 217,000 sensitive records. The breach has raised serious concerns about…
Cybercrime, Data Breach Notification, Data Security Texas Incident Represents Largest Data Breach by a Health Plan Reported in 2025 Marianne Kolbasuk McGee (HealthInfoSec) • March 14, 2025 New Era Life Insurance Companies is notifying 355,500 individuals of a breach impacting their data, marking the year’s largest health data breach reported…
Privacy Laws in the U.S.: A Complex Landscape In an age where our online interactions are increasingly scrutinized, understanding who is managing our personal data becomes crucial. While those ubiquitous “Accept Cookies” banners might seem trivial, they signify a deeper issue regarding how personal data is collected and managed in…
As cyberattacks become increasingly prevalent, organizations globally must enhance their security measures. Concurrently, governments are intensifying regulations aimed at addressing these evolving threats. This shift positions compliance not merely as a procedural task but as a vital strategic initiative. Institutions are now tasked with aligning their cybersecurity frameworks with international…
Government, HIPAA/HITECH, Industry Specific U.S. Agencies Challenge DEI Initiatives While Enforcing HIPAA Regulations Marianne Kolbasuk McGee ( HealthInfoSec) • March 11, 2025 The Office for Civil Rights at the Department of Health and Human Services, responsible for enforcing HIPAA, has launched inquiries into several medical institutions related to their DEI…
State Privacy Laws Impacting AI and Machine Learning in Healthcare In a recent discussion at the HIMSS 2025 conference in Las Vegas, regulatory attorney Adam Greene from the law firm Davis Wright Tremaine highlighted the implications of state privacy regulations on the use of consumer data in artificial intelligence (AI)…
Cybersecurity Risks Ramp Up Amid Geopolitical Tensions and Regulatory Changes As organizations grapple with the challenges posed by geopolitical tensions, uncertain supply chains, and rapidly evolving regulatory landscapes, the urgency for robust risk management programs has surged. Companies are increasingly focusing on mitigating risks associated with their business relationships as…
