Hello world,
Today’s Paubox Weekly is 469 words - a 2 minute read.
Several US federal government agencies have been hit in a global cyberattack that exploits vulnerabilities in MOVEit Transfer and MOVEit Cloud systems.
Why it matters: MOVEit, a managed file transfer product is widely used for HIPAA compliant transfers. These vulnerabilities could compromise the security of data transfers and expose hospitals and healthcare organizations to potential breaches.
What's next: The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that it is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.
Go deeper:
Did you know?
You can earn $250 for every organization you send our way. Here's how.
What happened: At least 4 civil suits have been filed and allege that a lack of proper cybersecurity measures caused the incident.
Was Harvard Pilgrim Health Care negligent?
The bottom line: There wasn't much litter to pick up in downtown Minneapolis.
Last week, the Supreme Court ruled to narrow the reach of identity theft law, rejecting an interpretation of the law that would add 2 years in prison for certain felonies.
What happened: The issue was brought before the court because of a man who was convicted of overbilling Medicaid for psychological services never provided to patients.
Resolving the law's unintended consequences
The HIPAA safe harbor provision is designed to lessen financial penalties and shorten compliance inspections for covered entities.
Why it matters: The provision exempts covered entities from financial penalties and corrective action plans if they can prove that they implemented recognized security practices for at least one year.
Allows the HHS to exercise discretion