An unauthorized party stole patient data from Nashville, Tenn.-based HCA Healthcare and posted it to an online forum. 

Hospitals and health systems whose providers use ChatGPT could be opening themselves up to HIPAA violations and lawsuits if they are not careful with patient data, two health policy experts wrote in JAMA.

Wilmington, Del.-based Henrietta Johnson Medical Center's EHR vendor, Delaware Health Net, suffered a cyber event that has compromised patients' protected health information at its organization. 

When I talk to healthcare industry leaders about cyber resiliency, I get a lot of affirmative head-nodding and positive feedback. And why not? Healthcare resiliency, in general, and in cybersecurity particularly, is a concept that is easy to get behind.

Hospitals and health systems should be on the lookout for a cybersecurity vulnerability affecting a Medtronic cardiac device data system, the American Hospital Association warned July 6.

Kronos, a time-keeping and human resources company now known as UKG, has paid $6 million to settle a December 2021 data breach lawsuit that affected multiple hospitals and health systems' payrolls, Top Class Actions reported July 5. 

As cybersecurity remains top of mind for health system IT leaders, here are the 10 largest healthcare data breaches so far in 2023 by the number of individuals affected, as reported July 5 by Chief Healthcare Executive.

The closure of Spring Valley, Ill.-based St. Margaret Health due in part to a ransomware attack reignited debate over how the government can best protect the critical American healthcare infrastructure from cyber threats.

A "sophisticated criminal cyberattack" may have breached the data of 559,000 patients at Murfreesboro (Tenn.) Medical Clinic & SurgiCenter, the healthcare provider said.

Bar Harbor, Maine-based Mount Desert Island Hospital reported a data breach affecting 24,180 patients to HHS.

Nineteen U.S. health systems operating 33 hospitals have been hit with ransomware attacks so far in 2023, according to an analyst with cybersecurity firm Emsisoft.

Allentown, Pa.-based Lehigh Valley Health Network has confirmed that its Jan. 8 cyberattack was conducted by Russian ransomware gang BlackCat.

Here are nine hospitals and health systems dealing with cybersecurity events that have taken their systems offline or have compromised patients' protected health information:

Whether to pay ransom in the event of a cyberattack is not a clear decision for hospital and health system leaders, Chief Healthcare Executive reported June 29.

Two Idaho Falls, Idaho-based hospitals and partnering clinics are still working to restore their systems after being hit by a cyberattack on May 30, eastidahonews.com reported June 29.

Wilmington, Del.-based Henrietta Johnson Medical Center is notifying patients of exposure to Delaware Health Network's data breach.

HHS' Office for Civil Rights reached a settlement with iHealth Solutions, a software and services provider for healthcare providers based in Louisville, Ky., regarding violations of HIPAA privacy and security rules.

Franklin, Tenn.-based Community Health Systems is facing another lawsuit over a January data breach that affected an estimated 1 million patients.

Fifty percent of the most common passwords in the U.S. are also among the most hacked passwords, according to SafetyDetectives.com.

Berlin, Md.-based Atlantic General Hospital has discovered that the data of 136,981 patients may have been compromised in a January ransomware attack.