<ul><li>The Office for Civil Rights of the Department of Health and Human Services (OCR) has reached a $250,000 settlement with Cascade Eye and Skin Centers following a ransomware attack on the organization.</li><li>This is the fourth settlement against a victim of a ransomware attack. Ransomware and hacking are the primary cyber-threats in health care, with a significant increase in reported breaches involving ransomware attacks.</li><li>The OCR's investigation found that 291,000 files were affected by the attack, revealing potential violations of HIPAA by Cascade for failing to conduct a risk analysis and have adequate system monitoring.</li><li>This settlement serves as a reminder that even victims of criminal attacks must still adhere to HIPAA regulations, emphasizing the importance of having a robust compliance program in place.</li></ul>

OCR Settles Fourth Ransomware Investigation

Discover more