New & Notable
Biggest healthcare data breaches reported to OCR in 2026, so far
More than 19 million individuals have been impacted by the healthcare data breaches reported to OCR so far in 2026.
Novo Nordisk discloses data breach impacting clinical trial participants
The pharmaceutical giant said it identified an IT security incident that affected a limited amount of information about clinical trial participants.
Labcorp reaches $35M settlement over American Medical Collection Agency breach
Labcorp settled a class-action lawsuit to resolve litigation stemming from a massive 2018-19 data breach at American Medical Collection Agency, a third-party medical debt collector.
Check Point warns of zero-day flaw targeted by ransomware affiliate
A vulnerability in the company’s VPN deployments has faced exploitation since early May.
— Cybersecurity DiveCalifornia AG sues over 23andMe data breach
— MedTech DiveHealthcare Strategies: A Podcast
-
A podcast for healthcare professionals seeking solutions to today's and tomorrow's top challenges. Hosted by the editors of Xtelligent Healthcare Media, this podcast series focuses on real-world use cases that are leading to tangible improvements in care quality, outcomes, and cost.
Guests from leading provider, payer, government, and other organizations share their approaches to transforming healthcare in a meaningful and lasting way.
View All Episodes
Latest News
-
Third-party pixel use greatly increases healthcare data breach risk: study
The use of third-party tracking pixels at hospitals increased breach risk by 46%, an analysis of 12 years of historical pixel usage data revealed.
-
Health-ISAC: How Claude Mythos could impact healthcare cybersecurity
Claude Mythos has the potential to enhance global cybersecurity or undermine it by becoming a weapon in the hands of threat actors.
-
HHS reorganizes OCR into three subdivisions
HHS said that the restructuring, which splits OCR into three subdivisions focused on religious freedom, civil rights and health information privacy, will not impact the office's staffing levels.
-
Missouri regulators say Conduent is not cooperating in breach investigation
Missouri regulators investigating the Conduent breach allege that the company has been unwilling to provide the information needed to assess the breach's impact.
-
CISA launches critical infrastructure cyber resilience initiative
CISA's new CI Fortify initiative emphasizes the importance of isolation and recovery to ensure critical infrastructure entities can continue key operations during a cyberattack.
-
AHA, Joint Commission launch cyber resilience program
The Cyber Resilience Readiness program aims to help health systems sustain clinical operations during cyberattacks.
Features
-
Pennsylvania vs. Character.AI: What the lawsuit signals for the AI legal landscape
The state of Pennsylvania sued Character.AI, alleging that its chatbot violated the Medical Practice Act by posing as a licensed psychiatrist.
-
Georgia Tech builds network sandbox to test hospital cyber defenses
With ARPA-H funding, Georgia Tech researchers are building a platform that emulates a hospital's network, enabling them to identify and fix vulnerabilities without risking patient care.
-
OCR director defends HIPAA updates: "The cost of doing nothing is very high"
OCR Director Paula M. Stannard addressed concerns about proposed HIPAA Security Rule updates, but said OCR has yet to decide which, if any, of the proposals will ultimately be finalized.
-
Managing shadow AI risks as healthcare embraces innovation
At HIMSS, experts spoke about managing shadow AI risk with governance, education and technical safeguards.