The story behind the Health Infrastructure Security and Accountability Act

October 29, 2024 at 12:11PM In February 2024, Change Healthcare suffered a ransomware attack, impacting 110 million individuals and exposing sensitive data. The incident prompted U.S. Senate legislation, the Health Infrastructure Security and Accountability Act (HISAA), aiming to enforce stricter cybersecurity standards in healthcare. HISAA includes compliance audits and funding for enhanced security. ### Meeting … Read more

5 steps to automate user access reviews and simplify IT compliance

July 17, 2024 at 10:41AM The evolving modern work landscape, driven by distributed teams and rapid SaaS adoption, presents significant challenges in maintaining IT compliance certifications. Navigating SaaS sprawl and completing user access reviews for compliance becomes complex and labor-intensive. Nudge Security offers an automated solution, from asset discovery to generating audit-ready reports, simplifying IT … Read more

Notice of a Data Breach

May 15, 2024 at 05:21PM Hypertension-Nephrology Associates, P.C. discovered an extortion attack involving unauthorized access to sensitive patient information, including protected health information (PHI). The scope of the breach remains unclear, so the Practice is treating all PHI as potentially compromised. They are taking various measures to address the situation, including notifying potentially impacted individuals … Read more

Healthcare’s Ransomware Epidemic: Why Cyberattacks Hit the Medical Sector With Alarming Frequency

March 13, 2024 at 10:45AM Ransomware attacks on the healthcare sector continue and are unlikely to decrease due to the industry’s susceptibility to exploitation. The sector’s reliance on diverse OT devices controlled by IT systems over WiFi, coupled with challenges in patching and device management, poses a significant security risk. Segmentation is recommended to mitigate … Read more