Search & browse the archive

First Circuit Affirms Dismissal of Data Breach Class Action for Lack of Traceable Injury

Melanie Conroy of Pierce Atwood LLP writes: The First Circuit recently affirmed dismissal of a putative data breach class action against Bayamón Medical Center (BMC), holding that the plaintiff failed to plausibly allege that her injuries were traceable to the healthcare provider’s 2019 ransomware attack. In Santos-Pagán v. Bayamón Medical Center, the court concluded that allegations... Source

Who should care: Cybersecurity · Privacy officers · Administrators

Okanogan Behavioral Healthcare Settles Class Action Data Breach Lawsuit

Okanogan Behavioral Healthcare, a Washington-based mental and behavioral health provider, has reached a class action settlement following a data breach that exposed patient information. The settlement resolves claims brought by affected individuals whose personal and health data was compromised.

Why this matters: Breaches at behavioral health providers are particularly sensitive, as exposed data can include mental health diagnoses, treatment histories, and substance use records — information that carries stigma and potential consequences for employment, custody, or insurance if disclosed.

Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals

Healthcare Report Highlights Growing Vendor Risk and Lack of Cyberattack Readiness

Cybersecurity risk is growing, and healthcare organizations are struggling to defend a rapidly increasing attack surface. AI tools are being […] The post Healthcare Report Highlights Growing Vendor Risk and Lack of Cyberattack Readiness appeared first on The HIPAA Journal.

Who should care: Healthcare professionals · Privacy officers · Compliance · General readers · AI governance · Policy

States surge ahead on healthcare AI regulation

States surge ahead on healthcare AI regulation  Modern Healthcare

Who should care: Lawyers · Compliance · General readers · AI governance · Policy

Curiosity is not an excuse: protecting patient data in healthcare

Curiosity is not an excuse: protecting patient data in healthcare  Information Commissioner's Office

Who should care: Healthcare professionals · Privacy officers · Compliance

Can certification help solve healthcare’s AI governance gap?

Can certification help solve healthcare’s AI governance gap?  Healthcare Dive

Who should care: AI governance · Lawyers · Administrators · General readers · Policy

CHAI releases AI governance guidance for health systems

CHAI releases AI governance guidance for health systems  Healthcare Dive

Who should care: AI governance · Lawyers · Administrators · Compliance · General readers · Policy

Health data: fine of 5 million euros against IQVIA

France's data protection authority CNIL has imposed a €5 million fine on IQVIA, a healthcare data and analytics company, for violations related to the handling of health data.

Why this matters: Health data ranks among the most sensitive personal information, and this enforcement action signals that regulators are willing to impose meaningful financial penalties on commercial data brokers who profit from processing it without adequate legal safeguards.

Who should care: Lawyers · Privacy officers · Compliance · Healthcare professionals

The form asked my permission to share my health data. Then it wouldn’t let me say no.

Dark patterns force patients to share their data with big healthcare networks, even when the privacy form they’re signing explicitly says they can opt-out.

Who should care: Healthcare professionals · Privacy officers · Compliance · General readers · Policy

The European Union is deploying AI across strategic sectors

Explore how the EU is deploying trustworthy AI in healthcare, manufacturing, mobility and agriculture to boost competitiveness. The post The European Union is deploying AI across strategic sectors appeared first on OECD.AI.

Who should care: AI governance · Lawyers · Administrators · General readers · Policy