The Department of Health and Human Services has fined two entities, New York-Presbyterian Hospital and Columbia University Medical Center, a total of $4.8 million for HIPAA violations. The breach occurred in 2010 when the personal health information of 6,800 patients ended up on Google due to a server deactivation. The article also highlights the high costs associated with breaches and the decreasing number of breaches reported by healthcare organizations in recent years.

Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted