The Office for Civil Rights in the U.S. Department of Health and Human Services is seeking input on the cybersecurity provisions and penalties outlined in the Health Information Technology for Economic and Clinical Health Act. Industry groups such as HIMSS, MGMA, and the Connected Health Initiative have responded with recommendations, including the need for a unified cybersecurity approach, flexibility for ambulatory practices, and up-to-date information about HIPAA obligations. They also emphasized the importance of safeguarding patient data and not revising the HIPAA Privacy Rule to require additional disclosures.
Unpatched Windows Shortcut Vulnerability Let Attackers Execute Remote Code
Security researcher Nafiez disclosed a vulnerability in Windows LNK files that allows remote code execution without user interaction. Microsoft will not patch it, citing “inadequate
