Jessica Davis

The Government Accountability Office discovered vulnerabilities in three states and said that other state-run health insurance exchanges may be at risk too.

Pfizer and IBM are teaming up to combat Parkinson's Disease with analytics and the IoT, the companies announced Thursday.

The Venture Fund challenge will award winners money, mentorship and the opportunity to pilot emerging technologies.   

With the recent surge in ransomware attacks, cybersecurity is a top priority for healthcare organizations across the nation. But even if providers have top security measures in place, there's another component to consider: the vulnerabilities of third- and fourth-party vendors. Almost three-quarters of businesses said cybersecurity incidents related to vendors are increasing, according to a recent Ponemon Institute survey, requested by BuckleySander and Treliant Risk Advisors. About half of the respondents said their organization experienced a data breach caused by a vendor, but 16 percent of respondents were unsure if a breach had occurred. And another 65 percent said managing cybersecurity incidents involving vendors is difficult. "The type of risk we're seeing now is changing in response to our evolving data-driven economy," Rena Mears, managing director of BuckleySandler, said in a statement. "The risk to strategic data assets extends beyond any single third-party, but rather to the web of relationships that comprise the data ecosystem." [Also: Lack of business associate agreement, risk analysis to cost Minnesota health system $1.55 M in HIPAA fines] More than a third of businesses don't believe their third-party vendors would notify them if a data breach occurred. And a staggering 73 percent of respondents don't believe a fourth-party vendor would contact them regarding a data breach. A fourth-party vendor is often hired by the third-party vendor. Survey respondents admitted their organizations shared sensitive data with third-parties that may have poor security policies in place. More than half said they weren't able to determine the safeguards in place by their vendors to prevent a data breach and 60 percent of respondents said their organizations don’t monitor their vendors’ security and privacy practices. Only 41 percent said their vendors' safeguards were sufficient. "The inability of so many companies to confirm whether third-parties have had a data breach or cyberattack involving sensitive and confidential information should be a wake-up call for businesses across all industries," said Susanna Tisa, chief business officer of Treliant Risk Advisors, in a statement. "To mitigate this risk, companies should compile a comprehensive inventory of and conduct data and privacy risk assessments for all third-party vendors," Tisa added. "However, we found few companies represented in this research, in particular those outside the regulated banking sector, have done so." Twitter: @JessieFDavis Email the writer: jessica.davis@himssmedia.com Like Healthcare IT News on Facebook and LinkedIn

The Samsam and Maktub Locker malicious code programs attack vulnerable patches and spread to all systems connected to a network.  

The United States Department of Homeland Security and the Canadian Cyber Incident Response Center issued a joint cyber alert on March 31, in response to the recent surge in ransomware attacks on hospitals and other organizations.

PowerWare is similar to the Locky virus in that it's delivered via email through a Microsoft Word document that resembles an invoice and locks down the system until the ransom is paid.

Assistant U.S. Surgeon General Rear Admiral Michelle E. Dunwoody is taking on a temporary senior advisor role to Flint Mayor Karen Weaver as the Michigan city continues to grapple with a water crisis, HHS announced on Friday.  Dunwoody will work with Weaver to establish both short- and long-term goals for the City of Flint Public Health and Medical Recovery and work with city officials to outline the job description for a future full-time Flint-employed Public Health official, while providing insight to building and managing public health and medical infrastructure.  “My priority has always been, and will always be, that Flint’s families have the resources they deserve, as well a voice which allows them a say in how their community’s future is built,” Weaver said in a statement. The partnership is "an opportunity to continue building relationships, while ensuring some of our country’s best experts are working with us to find solutions.”  To that end, Dunwoody will also oversee a Corps-based community engagement team. "Admiral Dunwoody brings a wealth of expertise to expand the technical capability of the Mayor’s office and ensure Flint develops the local expertise needed to help the community recover in the days, months and years to come," HHS Assistant Secretary for Preparedness and Response Nicole Lurie said in a statement.  Nearly 500,000 residents of Flint have been exposed to water contaminated by lead, and currently much of the city is living off of bottled water rations. The appointment comes after a Commissioned Corps strike force cleared a backlog of blood lead level screening results in partnership with the Genesee County Health Department. HHS leaders have made several visits to Flint to assess the crisis, including Secretary Sylvia Burwell, Acting Assistant Secretary for Health Karen DeSalvo and U.S. Surgeon General Vivek H. Murthy. [Like Healthcare IT News on Facebook] "Ensuring the men, women and children of Flint have the same opportunity as all Americans to live healthy lives is a team effort, and I have seen first-hand just how dedicated city leaders, city and county health officials, and our Commissioned Corps officers have been to that cause,” said DeSalvo in a statement. The Commissioned Corps are made of up doctors, nurses, scientists and engineers. Over 30 officers have responded to the Flint water crisis; assisting with behavioral health training, supporting volunteers in community engagement efforts, helping to staff the Genesee County Health Department's information line and providing materials to answer callers' questions. “The people of Flint need clean water. They need medical care. And, above all, they need trusted voices to communicate the best available public health information in the midst of a crisis,” Murthy, Commissioned Corps commander, said in a statement. Twitter: @JessiefDavis

Twenty-one companies were awarded spots on the Department of Veterans Affairs' $22.3 billion Transformation Twenty-One Total Technology Next Generation acquisition program, or T4NG, the federal agency announced this week. The IT modernization project supports the MyVA Initiative -- designed to realign and integrate the VA's disparate organizational boundaries to better serve veterans. This award is unrelated to the VA's recently reported discussions around its VistA electronic health record system. [Also: CIO says VA should rethink VistA, consider other off-the-shelf EHRs] "This T4NG award is one of the many ways the Department is supporting the MyVA breakthrough initiatives by directly providing the technology our Veterans need to support the services they receive from VA," said VA Secretary Robert McDonald, in a statement. "The T4NG will help meet and strengthen VA's long-term technology needs." T4NG will deliver awardees contractor-provided IT service solutions, such as technical support, program management, strategy planning, systems/software engineering, enterprise network engineering, cybersecurity and other IT and health IT support. [Like Healthcare IT News on Facebook] Under T4NG, the firms can bid on any T4NG requirements or service task orders. The base ordering period is five years and a five-year option period. Among the firms included in the IT contracts were Booz Allen Hamilton, CACI-ISS, HMS Technologies, Kforce Government Solutions, Ellumen and SRA International. This round of T4NG awardees builds upon the last five-year, $12 billion T4 contract given to 15 vendors in July 2011. Some companies, such as Booz Allen and CACI were included in the 2011 awards. Twitter: @JessiefDavis

e-MDs, an Austin, Texas-based developer of ambulatory electronic health records and practice management tools, will acquire several technology assets from McKesson Business Performance Services. Terms of the deal were not disclosed. The technologies include McKesson Practice Choice, Medisoft, Medisoft Clinical, Lytec, Lytec MD and Practice Partner. e-MDs officials say the tools will be used by some 55,000 of its provider customers nationwide. The company hopes the acquisition will benefit small- to medium-sized practices and broaden e-MDs' presence in the ambulatory IT market. [Like Healthcare IT News on Facebook] "The McKesson team supporting these products is passionate about the same thing we are- helping doctors maintain focus on the patient,” said e-MDs CEO Derek Pickell in a statement. "All of us at e-MDs look forward to aligning this team with ours to bring e-MDs’ full suite of solutions to thousands of new providers across the country." "e-MDs is the perfect fit for these assets because it has award-winning technology ideally suited to this customer base,” said Scott Sanner, general manager of McKesson Business Performance Services, in a statement. Twitter: @JessiefDavis