HIPAA Journal

HIPAA Journal offers the most extensive online coverage of HIPAA-related news available.

National

English

Journal

Outlet metrics

Domain Authority

Ranking

Global

#238994

United States

#62308

Health/Health

#1357

Traffic sources

Monthly visitors

Articles

Cyber Insurance Provider Reports Fall in Claims Frequency in 2024

6 days ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 9, 2025 A new report from a leading cyber insurance provider shows a slight decline in claims for ransomware attacks in 2024. Claim amounts for ransomware-related losses were down 7% from the previous year, according to the Coalition 2025 Cyber Claims Report.
Imagine360 Settles Data Breach Lawsuit for $475,000

6 days ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 9, 2025 A settlement has received preliminary approval from a judge to resolve a class action complaint against Imagine360 over a 2023 hacking incident involving its Citrix file-sharing solution. Imagine360 is a Chesterbrook, Pennsylvania-based company that offers health plan administration and telemedicine services. On or around January 30, 2023, suspicious activity was identified within its Citrix file-sharing solution.
NIST Privacy Framework Updated to Incorporate Latest Cybersecurity Guidelines

6 days ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 9, 2025 The National Institute of Standards and Technology (NIST) has issued a draft update to its Privacy Framework to incorporate the latest cybersecurity guidelines and practices. The NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management is a voluntary tool that provides a set of strategies for organizations to adopt to improve their approach to protecting personal data.
Vulnerabilities Identified in Pixmeo OsiriX MD DICOM Viewer

6 days ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 9, 2025 Three vulnerabilities have been identified in Pixmeo OsiriX MD, the most widely used DICOM medical image viewing software in the world, including a critical remotely exploitable flaw that could result in credential theft. The most serious vulnerability is due to credentials being transmitted in cleartext by the Osirix MD Web Portal. The lack of encryption for the transmitted credentials means they could be intercepted by a threat actor.
Outsourced HIPAA Compliance

1 week ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 8, 2025 Outsourced HIPAA compliance is when a HIPAA-regulated entity engages external consultants to manage part, or all, of the organization’s HIPAA compliance obligations in order to support an existing in-house compliance team, as an alternative to building an in-house team, or in response to a HIPAA security incident. Outsourced HIPAA compliance services can be structured in various ways.
Patient Monitoring Device Manufacturer Recovering from Cyberattack

1 week ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 8, 2025 Masimo, a manufacturer of patient monitoring devices, filed a Form 8-K with the U.S. Securities and Exchange Commission (SEC) on Tuesday to alert investors about a cyberattack that has affected its manufacturing facilities. Masimo said some of its manufacturing facilities have been operating at less than normal levels since the attack, which is affecting the company’s ability to process, fulfill, and ship customer orders.
$20 Million Settlement Agreed to Resolve Fortra GoAnywhere Data Breach Multidistrict Litigation

1 week ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 8, 2025 A $20 million settlement has received preliminary approval from a Federal judge to resolve multidistrict litigation against the software provider Fortra, its clients, and their customers over a 2023 hacking incident involving the Fortra GoAnywhere managed file transfer (MFT) solution. The Clop ransomware group exploited a zero-day vulnerability in the solution to gain access to customer data.
Arizona Arthritis and Rheumatology Associates & Mon Health Report Phishing Incidents

1 week ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 8, 2025 Arizona Arthritis and Rheumatology Associates and Monongalia Health System have had email accounts compromised as a result of phishing attempts on their employees. Phishing typically involves the impersonation of trusted entities and social engineering to trick individuals into clicking a link in an email and disclosing their account credentials.
HIPAA Compliance for Software Development

1 week ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 7, 2025 HIPAA compliance for software development is an important consideration for vendors and service providers who intend to develop or provide software for the healthcare and health insurance industries that will be used to create, receive, store, or transmit Protected Health Information. However, software HIPAA compliance is rarely the only consideration.
OSHA to Hold Public Hearing on Proposed Heat Injury and Illness Standard

1 week ago | hipaajournal.com | Steve Alder

Posted By Steve Alder on May 7, 2025 The U.S. Department of Labor’s Occupational Safety and Health Administration (OSHA) is hosting a virtual public hearing on June 16, 2025, on its Notice of Proposed Rulemaking (NPRM) on Health Injury and Illness Prevention in Outdoor and Indoor Work Settings.