Healthcare Newsletter

March 20, 2024

In This Edition:

  1. [News] Congress must understand that there’s no patient safety without strong cybersecurity: The Change Healthcare ransomware attack and the indelible impact on healthcare delivery organizations across the U.S. has pushed into its third week, spotlighting the fragile U.S. healthcare ecosystem that its stakeholders have long warned against.
  2. [Event] Transforming Healthcare Compliance: Lessons in HITRUST Readiness: Join us for an insightful webinar as we delve into the heart of healthcare compliance with a special focus on the HITRUST CSF. This session will offer a comprehensive exploration of how HITRUST CSF serves as a beacon for healthcare organizations navigating the complex landscape of security standards and regulations. Our discussion will highlight how HITRUST CSF seamlessly integrates diverse regulatory requirements, industry standards, and frameworks, providing a robust yet flexible foundation for managing the unique risks inherent in healthcare operations.
  3. [News] Lurie Children's Hospital investigating claims that stolen data was sold online: Lurie Children’s Hospital says it is investigating claims that information reportedly stolen during a recent cyberattack against the hospital was sold online, NBC 5 Investigates has learned.
  4. [Content Offer] Your Simplified Guide to HITRUST: Obtaining HITRUST Certification can be a time-consuming and resource-intensive process, but with this guide, you'll have all the necessary information at your fingertips.
  5. [Blog] A Look at 2023 Data Breaches Reported to the HHS OCR: As part of Health and Human Services (HHS), the Office for Civil Rights (OCR) is responsible for enforcing the Health Insurance Portability and Accountability Act (HIPAA) and imposing financial penalties and corrective action plans upon HIPAA violators. In accordance with the HITECH Act, section 13402(e)(4), HHS OCR is required to publish a list of breaches of unsecured protected health information that affect 500 or more individuals, which in turn requires healthcare-covered entities to report such breaches to the OCR. Reports must be submitted within 60 days of the data breach discovery.

Congress must understand that there’s no patient safety without strong cybersecurity

Web - MarketingPresentation Graphics - WEB (58)

The Change Healthcare ransomware attack and the indelible impact on healthcare delivery organizations across the U.S. has pushed into its third week, spotlighting the fragile U.S. healthcare ecosystem that its stakeholders have long warned against.

Improve Patient Safety

24By7 Security

Transforming Healthcare Compliance: Lessons in HITRUST Readiness

Transforming Healthcare Compliance Lesson in HITRUST Readiness  -1

Join us for an insightful webinar as we delve into the heart of healthcare compliance with a special focus on the HITRUST CSF. This session will offer a comprehensive exploration of how HITRUST CSF serves as a beacon for healthcare organizations navigating the complex landscape of security standards and regulations. Our discussion will highlight how HITRUST CSF seamlessly integrates diverse regulatory requirements, industry standards, and frameworks, providing a robust yet flexible foundation for managing the unique risks inherent in healthcare operations.

Secure your spot!

24By7 Security

 

Lurie Children's Hospital investigating claims that stolen data was sold online

Web - MarketingPresentation Graphics - WEB (29)-1

Lurie Children’s Hospital says it is investigating claims that information reportedly stolen during a recent cyberattack against the hospital was sold online, NBC 5 Investigates has learned.

Protect Child Data

24By7 Security

HITRUST Guide LinkedIn

Your Simplified Guide to HITRUST Compliance

 

Obtaining HITRUST Certification can be a time-consuming and resource-intensive process, but with this guide, you'll have all the necessary information at your fingertips.

 

Get your HITRUST Guide!

Web - MarketingPresentation Graphics - WEB (43)
 

A Look at 2023 Data Breaches Reported to the HHS OCR

As part of Health and Human Services (HHS), the Office for Civil Rights (OCR) is responsible for enforcing the Health Insurance Portability and Accountability Act (HIPAA) and imposing financial penalties and corrective action plans upon HIPAA violators. In accordance with the HITECH Act, section 13402(e)(4), HHS OCR is required to publish a list of breaches of unsecured protected health information that affect 500 or more individuals, which in turn requires healthcare-covered entities to report such breaches to the OCR. Reports must be submitted within 60 days of the data breach discovery.

Data Breaches in 2023

24By7 Security

 

24By7Security, Inc. is a full service Cybersecurity strategy, implementation, operations and training firm. We provide Cybersecurity and Compliance related services across all functions of the enterprise. Our Cybersecurity services include security risk assessments, vulnerability assessments and penetration testing, social engineering testing, web application testing, policies and procedures, incident response management, forensics, cybersecurity awareness training, Virtual CISO Services, and more. Our Compliance services include CMMC Readiness, CFPB/DFA, FIPA, FERPA, SOC-SSAE 18, GLBA, HIPAA, PCI, SOX, GDPR, ISO 27001, FFIEC, NIST-CSF, NYDFS Cybersecurity Regulations and others.