Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Maimonides is committed to finalizing our partnership with NYC Health and Hospitals as quickly as possible to benefit our patients, communities and staff. We remain confident that the transaction will ultimately be approved.
Eight individuals were arrested and 15 charged in a scheme to defraud Medicare of over $50 million by running sham hospice facilities across Southern California. Federal officials described the actions as brazen efforts to commit fraud, with many billed patients not being terminally ill.
HHS Chief Information Officer Clark Minor stated that consolidating the CTO, CDO, and CAIO roles within his office allows the department to move faster on shared platforms and protect systems more effectively.
If you run a business, there's a familiar email you probably opened this fall: the one from your benefits broker with your 2026 health insurance renewal. You scroll. You see a double-digit increase, and your stomach drops. You want to do right by your team. You also have a P&L to protect. And the three standard options you're handed - pay the increase, raise deductibles or push more cost onto employees - all feel bad in different ways.
There is a growing emphasis on database compliance today due to the stricter enforcement of compliance rules and regulations to safeguard user privacy. For example, GDPR fines can reach £17.5 million or 4% of annual global turnover (the higher of the two applies). Besides the direct monetary implications, companies also need to prioritize compliance to protect their brand reputation and achieve growth.
The idea echoes a policy implemented during his first term, when Trump suggested that requiring hospitals to post their charges online could ease one of the most common gripes about the health care system the lack of upfront prices. To anyone who's gotten a bill three months after treatment only to find mysterious charges, the idea seemed intuitive. "You're able to go online and compare all of the hospitals and the doctors and the prices,"
In a single streaming pipeline, you might be processing HL7 FHIR messages with frequent specification updates, claims data following various payer-specific formats, provider directory information with inconsistent taxonomies, and patient demographics with privacy redaction requirements. Our member eligibility stream processes roughly 50,000 records per minute during peak enrollment periods.
U.S. federal authorities and industry officials are urging hospitals and clinics to address a critical flaw in BeyondTrust Remote Support and Privileged Remote Access software, which if exploited, could give an attacker a foothold inside a corporate network. The U.S. Department of Health and Human Services in an alert Thursday warned healthcare and public health sector organizations to review and address the vulnerability in light of rising cyberattacks targeting those entities.
We've excised the text, but suffice it to say that the whiteboard contains usernames and passwords for system access. It's a change from a Post-it note stuck to the screen, but it's no less likely to make a security professional shriek in horror. After all, not only is the account exposed, but anyone can use it, which renders an access log somewhat redundant.
The incident occurred between May 22 and May 23 and involved access to files containing personally identifiable information (PII) and protected health information (PHI) pertaining to affiliated physicians and practices. In an incident notice on its website, the company revealed that the hackers stole names, addresses, dates of birth, diagnostic details, provider names, dates of service, treatment information, and health insurance information.
Industry lawsuits quickly blocked most of the regulation, with two federal courts ruling that Medicare exceeded its authority. Following the 2024 elections, Congress barred implementation of the standards before 2034. Last month, the Centers for Medicare and Medicaid Services (CMS) repealed the rule entirely. Hunter called the move devastating with advocates saying it signals a retreat from oversight. It's clear (CMS) has no interest in ensuring adequate staffing, said Sam Brooks of the National Consumer Voice for Quality Long-Term Care.
As Theresa Defino recently reported, HHS OCR will prioritize risk assessments and expand its investigations into risk management in 2026. Alisa Chestler and Layna Cook Rush of Baker Donelson have summarized some recent recommendations from HHS OCR's January 2026 Cybersecurity Newsletter that regulated entities may want to pay increased attention to at this point: Patching Is a Required Risk Management Activity Legacy Systems and Unpatchable Vulnerabilities Are Not Excuses Unnecessary Software and Default Accounts Create Hidden Risk
In 2026, the US healthcare system is changing. Enhanced Affordable Care Act subsidies have expired, causing premiums for marketplace plans to spike - and pricing some families out of health insurance entirely. President Donald Trump's One Big Beautiful Bill Act will reduce coverage for some patients with Medicaid and funding for hospitals, especially those in rural areas. Costs for Medicare and private insurance are also rising: Employer-based healthcare premiums have increased by 9%, the largest rise in more than a decade.
