Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyber attacks often use ransomware to target personal health information, patient data and medical devices to cut off access to the data until a ransom is payed to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

Healthcare AI and HIPAA compliance: 5 key legal questions + answers
Training AI for use in healthcare requires feeding algorithms patient data, and lots of it. This opens data custodians—typically hospitals—to various points of potential legal exposure.
Federal AI security center established, called an ‘overwhelming win’ for businesses, hospitals
The AI Security Center, AISC for short, has as its inaugural leader U.S. Army General Paul Nakasone.
Automated, AI-equipped security tools help hold the line on data breaches
When it comes to identifying and containing data breaches, organizations armed with security AI plus automation spend 108 days fewer than their differently prepared counterparts.
Overheard this week: 6 notable quotes on healthcare AI
‘We need to design and build AI that helps healthcare professionals be better at what they do.’
China’s AI concerns presented for public consumption
Tech-enabled risks are top of mind for the head of the Chinese Communist Party—and AI is prominent among these.

Rodriguez to vacate OCR director post

The Office of Civil Rights soon will have an opening in its top spot.

January 13, 2014

GAO calls out CMS, other agencies for inconsistent data breach practices

A General Accounting Office report takes several federal agencies to task, including the Centers for Medicare & Medicaid Services, for inconsistently implementing policies and procedures when responding to a data breach involving personally identifiable information.

January 10, 2014

Employee snooping cause of breach at Va. health system

Hundreds of patients at Riverside Health System in Newport News, Va., will receive free credit monitoring services after a random audit determined that an employee had inappropriately accessed EMR data.

January 6, 2014

Practice hit by $150K fine for lacking thorough security policies

A Massachusetts dermatology practice has agreed to a $150,000 settlement for privacy and security violations. Adult & Pediatric Dermatology, which offers services in Massachsuetts and New Hampshire, also is required to put a corrective action plan in place to fix deficiencies in its HIPAA compliance program, according to the settlement with the Department of Health and Human Services.

January 2, 2014

Health information collected, sold by ‘data broker' industry

A multi-billion dollar industry “that largely operates hidden from consumer view” is systematically collecting, using and selling consumer data for marketing purposes, according to a 42-page report from the Senate Committee on Commerce, Science and Transportation.

December 22, 2013

Go Direct for Improved & Secure Interoperability Between EHRs

President & CEO of DirectTrust, David C. Kibbe, MD, MBA, shares how Direct messaging is driving interoperability and privacy of protected health information.

December 19, 2013

Integrating privacy, security for better compliance

Moving the privacy and security of healthcare function from the IT department to the compliance team may be a good move for healthcare organizations, according to Phil Curran, chief information security and privacy officer for Cooper University Health Care in Camden, N.J. Curran spoke during a Dec. 17 webinar on integrating privacy and security presented by the Institute for Health Technology Transformation.

December 18, 2013

AHA comments on NIST proposed cybersecurity framework

In response to the National Institute of Standards and Technology's call for comments regarding a cybersecurity framework, the American Hospital Association is urging the agency to ensure that the framework remains flexible and voluntary within the healthcare industry's private sector.

December 17, 2013

Around the web

Health Exec

These health systems have the biggest digital health portfolios

U.S. health systems are increasingly leveraging digital health to conduct their operations, but how health systems are using digital health in their strategies can vary widely.

Health Exec

Toylike robot pleases counseling clients where humanoid counterpart struggles to connect

When human counselors are unavailable to provide work-based wellness coaching, robots can substitute—as long as the workers are comfortable with emerging technologies and the machines aren’t overly humanlike.

Health Exec

Medsender, Patagonia Health team up to aid public health efforts against COVID-19

A vendor that supplies EHR software to public health agencies is partnering with a health-tech startup in the cloud-communications space to equip state and local governments for managing their response to the COVID-19 crisis.

Cybersecurity

Healthcare AI and HIPAA compliance: 5 key legal questions + answers

Federal AI security center established, called an ‘overwhelming win’ for businesses, hospitals

Automated, AI-equipped security tools help hold the line on data breaches

Overheard this week: 6 notable quotes on healthcare AI

China’s AI concerns presented for public consumption

Around the web