HHS reverses course, allows Change Healthcare to file breach notifications for others

The Department of Health and Human Services changed course on Friday and announced that it will allow Change Healthcare to file breach notifications on behalf of the thousands of organizations impacted by February's ransomware attack.
HHS updated a previously released FAQ page from April 19 that said every organization affected by the hack of Change Healthcare would have to file their own breach notices with federal and state regulators, enraging the thousands of hospitals, clinics and doctor's offices that are still recovering financially from the outages caused by the attack.
Change Healthcare handled about 1 in 3 medical records and processed about half of all medical claims in the U.S. at the time of the breach.
The CEO of UnitedHealth, Change Healthcare's parent company, told Congress this month that about one-third of all Americans had information accessed by the hackers.
HHS's focus, she said, is that everyone who had information exposed during the ransomware attack be notified that their data was breached.
The statement ends mounting confusion over a situation that had enraged healthcare entities across the U.S. Hundreds of organizations sent a letter to HHS last week demanding more information on who would be responsible for notifying victims about the leak of their health data.
When contacted for comment last week, HHS directed Recorded Future News to the April 19 version of the FAQ. HHS did not respond to followup questions confirming whether that was still accurate.
Friday's announcement by HHS was met with praise by several associations that represent the healthcare industry.
Chad Golder, American Hospital Association general counsel and secretary, said in a statement that the decision is what they asked of HHS in March.


This Cyber News was published on therecord.media. Publication date: Fri, 31 May 2024 21:40:16 +0000


Cyber News related to HHS reverses course, allows Change Healthcare to file breach notifications for others

HHS reverses course, allows Change Healthcare to file breach notifications for others - The Department of Health and Human Services changed course on Friday and announced that it will allow Change Healthcare to file breach notifications on behalf of the thousands of organizations impacted by February's ransomware attack. HHS updated a ...
1 week ago Therecord.media
Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
4 months ago Securityzap.com
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
2 weeks ago Techtarget.com
HHS proposes new cybersecurity requirements for hospitals through HIPAA, Medicaid and Medicare - The United States Department of Health and Human Services said it is planning to take a range of actions in an effort to better address cyberattacks on hospitals, which have caused dozens of outages across the country in recent months. First reported ...
6 months ago Therecord.media
HHS to investigate UnitedHealth and ransomware attack on Change Healthcare - The U.S. Department of Health and Human Services is launching an investigation into the ransomware attack on Change Healthcare following weeks of disruption to healthcare and billing operations at hospitals, clinics and pharmacies across the country. ...
3 months ago Therecord.media
Best Cloud Security Providers for Healthcare Services - Cloud Security Providers for Healthcare offer specialized services to protect data and applications hosted in cloud environments. When picking a cloud security providers for healthcare, it's important to think about things like how well they follow ...
4 months ago Cybersecuritynews.com
The Imperative for Robust Security Design in the Health Industry - COMMENTARY. In an era dominated by digital innovation and technological advancements, healthcare companies find themselves at the intersection of immense opportunity and equally unprecedented risk. The digitalization of patient records, electronic ...
4 months ago Darkreading.com
Atlas Healthcare Confirms Data Breach Affecting Residents' Social Security Numbers - On October 14, 2023, Atlas Healthcare provided notice of a recent data breach after learning that an unauthorized actor was able to access the company's computer system. In this notice, Atlas explains that the incident resulted in an unauthorized ...
6 months ago Jdsupra.com
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
3 months ago Cysecurity.news
US govt probes if ransomware gang stole Change Healthcare data - The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group subsidiary Optum, which operates the Change Healthcare platform, in late ...
3 months ago Bleepingcomputer.com
Norton Healthcare discloses data breach after May ransomware attack - Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and ...
6 months ago Bleepingcomputer.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
6 months ago Securityboulevard.com
Ransomware's appetite for US healthcare sees known attacks double in a year - Following the February 21 attack on Change Healthcare, scores of people in the US have been living with the brutal, real-world effects of ransomware. It has also created skyrocketing pharmacy bills, pushed some healthcare providers to the edge of ...
2 months ago Malwarebytes.com
Cybersecurity Management Lessons from Healthcare Security Breaches - 2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. Unusual activity detected on May 8, 2024, caused Ascension ...
2 weeks ago Esecurityplanet.com
Data breach at French healthcare services firm puts millions at risk - French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. Though the company's website remains offline at the time of writing, an announcement was posted on ...
4 months ago Bleepingcomputer.com
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
5 months ago Securityboulevard.com
Pharmacy Delays Across US Blamed on Nation-State Hackers - Change Healthcare, a technology services provider for pharmacies, experienced a cyberattack from a suspected nation-state threat actor that has created widespread delays for patients who need prescription refills across the US. Change Healthcare is a ...
3 months ago Darkreading.com
Unveiling the true cost of healthcare cybersecurity incidents - As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity ...
5 months ago Helpnetsecurity.com
Ransomware gang starts leaking alleged stolen Change Healthcare data - The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. In February, Change ...
1 month ago Bleepingcomputer.com
Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
4 months ago Securityzap.com
Future Health: AI's Impact on Personalised Care in 2024 - As we dive into the era of incorporating Artificial Intelligence into healthcare, the medical sector is poised for a profound transformation. AI holds immense potential in healthcare, offering groundbreaking advancements in diagnostics, personalised ...
5 months ago Cysecurity.news
Change Healthcare's New Ransomware Nightmare Goes From Bad to Worse - Change Healthcare is facing a new cybersecurity nightmare after a ransomware group began selling what it claims is Americans' sensitive medical and financial records stolen from the health care giant. RansomHub claimed it had health care data on ...
1 month ago Wired.com
Best Network Security Providers for Healthcare - The exponential growth of Electronic Health records, telemedicine, and interconnected medical devices creates a complex healthcare ecosystem demanding robust network security. Network security providers specializing in healthcare offer a ...
4 weeks ago Cybersecuritynews.com
DDoS attack revealed as cause of online service outage at public healthcare institutions - A distributed denial-of-service attack has been identified as the cause of an online service outage that affected several public healthcare institutions in Singapore. The attacks are continuing, according to national healthtech agency Synapxe, which ...
6 months ago Zdnet.com
A prescription for insights: Cisco Full-Stack Observability supercharges healthcare - The National Institutes of Health indicates that AI applications will cut annual US healthcare costs by $150 billion - about $460 per person the US - in 2026. Digital transformation among healthcare organizations, and the chronic lack of resources to ...
3 months ago Feedpress.me

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)