Hello world,
Today’s Paubox Weekly is 544 words - a 2 minute read.
Want to get this type of content delivered to your inbox every Friday? Subscribe to Paubox Weekly.
CISA and the HHS unveiled the Cybersecurity Toolkit for Healthcare and Public Health tailored to meet the specific needs and challenges of healthcare organizations.
What they're saying: "Adversaries see healthcare and public health organizations as high value yet relatively easy targets – or what we call target rich, cyber poor." said CISA Deputy Director Nitin Natarajan.
A significant rise in cyber attacks against hospitals
Healthcare organizations must keep patient data secure, and finding communication methods that offer strong encryption and access controls can be difficult.
The big picture: With billions of email accounts globally, its prevalence makes it accessible to most patients who find it easier than portals.
The best channel for referrals or patient communication
The HIPAA breach report for September 2023 analyzes PHI breaches affecting 500 or more people as reported to the Department of Health and Human Services.
Four times more people impacted than last year
The city of Philadelphia has released a notice of a data breach that occurred in the late spring.
What happened: Affected individuals may have also had protected health information exposed. While the investigation is ongoing, investigators determined that an unauthorized actor may have gained access to Philadelphia city emails and other information.
The total number of affected individuals is unclear
Personal Touch Holding Corp has reached a settlement with the New York Attorney General regarding a potential HIPAA violation case.
What happened: The attacker accessed 5 accounts and encrypted 35 servers, resulting in a breach of personal and protected information of 753,107 individuals. The vulnerabilities were known at the time of the attack.
Insufficient access controls cost them $350,000