The Office for Civil Rights (OCR) has clarified it is the responsibility of covered entities to make breach notifications in the wake of the Change Healthcare cyberattack, even if the task is delegated to associates such as UnitedHealth Group (UHG). The OCR also gave specific instructions on the reporting procedure and started the 60-day clock for notification, thereby alleviating concerns about the incident’s regulatory impact.

New Triada comes preinstalled on Android devices
A new variant of the Triada Trojan has been discovered pre-installed on Android devices, enabling data theft from the moment the device is set up,