May31, 2017. On May 30, 2017, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) of the Department of Homeland Security (DHS) released Update G: Indicators Associated with WannaCry Ransomware (ICS-Alert-17-135-01G) that was originally released on May 15, 2017. We provide highlights and excerpts below, and recommend that your organization download the document and sign up for alerts going forward.
May 26, 2017. On May 23, 2017, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued a news release pertaining to a resolution agreement and corrective action plan with St. Luke’s-Roosevelt Hospital Center, Inc. for a settlement payment of $387,200 relating to a hospital component’s HIPAA Privacy Rule violation involving the impermissible disclosure of HIV-related protected health information.
May 17, 2017. Today, the U.S. Department of Health and Human Services (HHS) released via email, with a May 16, 2017, dateline: HHS Update #4: International Cyber Threat to Healthcare Organizations (Revised). In this issue update, HHS has covered the following issues:
May 16, 2017. The Department of Homeland Security (DHS) issued last evening an Industrial Control Systems Cyber Emergency Response Team Alert (ICS-CERT) entitled: “Indicators Associated with WannaCry Ransomware.” This alert is a follow-up to the US-CERT alert TA17-132A released on Friday, May 12, 2017. In its Summary, the (ICS-CERT) alert states:
May 15, 2017. Under the aegis of the Healthcare and Public Health Sector: Critical Infrastructure Security and Resilience Partnership, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has issued an email alert entitled: “HHS Update #2: International Cyber Threat to Healthcare Organizations. To sign up for these alerts, visit: https://www.hhs.gov/hipaa/for-professionals/list-serve/.
May 15, 2017. For healthcare covered entities and business associates that have not implemented HIPAA Privacy and Security Rules and the HITECH Act Breach Notification Rule, the current massive, global ransomware cyberattack targeting hundreds of thousands of organizations worldwide is a ‘perfect storm’ and a wake-up call.
May 13, 2017. The Office of the Secretary (OS) of the U.S. Department of Health and Human Services (HHS) issued an email alert to subscribers at 12:11 PM today to its Office for Civil Rights (OCR) Security List entitled: “HHS Update: international cyber threat to healthcare organizations,” under auspices of the Healthcare and Public Health Sector, a Critical Infrastructure Security and Resilience Partnership. If you are unfamiliar with the current cybersecurity crisis, check out today’s New York Times article entitled: “Hacking Attack has Security Experts Scrambling to Contain Fallout.” We reproduce pertinent information from the alert below and, as the alert indicates, direct you to www.us-CERT.gov for additional information.
May 12, 2017. The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has resolved an impermissible disclosure of a patient’s protected health information (PHI) with a payment of $2.4 million resolution settlement and acceptance of a corrective action plan (CAP) by the large not-for-profit Memorial Hermann Health System (MHHS) in Southeast Texas.
May 12, 2017. On May 11, 2017, President Trump signed an Executive Order entitled: Strengthening the Cybersecurity of Federal Networks and Infrastructure. Findings articulated in the Executive Order are:
May 5, 2017. Today, in the Federal Register, the Centers for Medicare & Medicaid Services (CMS) of the U.S. Department of Health and Human Services (HHS) published a notice entitled: “Medicare and Medicaid Programs; Quarterly Listing of Program Issuances—January Through March 2017.” The Summary and Background statements are: