Compliance & Legal

It's a "completely different environment" compared to just a few years ago, said one expert at HIMSS23, as CISOs and others offered perspective on navigating expensive and exacting cyber policies.

The agency hopes the NPRM provisions will further move the needle on interoperability, expanding "appropriate access, exchange and use of electronic health information" with an eye toward health equity, said the National Coordinator for Health IT.

The Supreme Court's decision in Dobbs v. Jackson Women's Health Organization affected healthcare data and access, as well as other key privacy regulations, says Matthew Fisher, general counsel at Carium, in a preview of his HIMSS23 discussion.

By taking legal action, the companies will effectively sever connections to "cracked" copies of Cobalt Strike used in more than 68 ransomware attacks on healthcare organizations.

AHIP President and CEO Matt Eyles says he fully expects an appeal.

Providers, hospitals and medical device manufacturers can use the company's Cyber Supply Chain Risk Management application to minimize software-based security risks.

Many health organizations are working to get patient information flowing more seamlessly, but data overload can frustrate clinicians. In a HIMSS23 Views from the Top session preview, athenahealth CEO Bob Segert offers thoughts on how IT can help.

The cybersecurity agency proactively identifies critical infrastructure information systems that contain known ransomware vulnerabilities and provides owners with mitigation guidance to take immediate action.

Jointly developed as a public-private partnership, the new Cybersecurity Framework Implementation Guide from HHS aims to help healthcare organizations assess their current practices and risks and identify gaps.