Electronic Health Records (EHR, EMR)

He discusses the particular cybersecurity challenges for post-acute care settings, and previews a HIMSS25 session that will help IT leaders at nursing homes, home health and assisted living groups can improve their privacy and security postures.

The company says in a 46-page detailed argument that Epic sought to deliberately eliminate its ability to gain payer market share and "brazenly doubles and triples down on knowingly false statements about Particle in its motion."

Healthcare providers and IT vendors in the region have weighed in with their predictions for healthcare technology in the new year.

This past year was a busy one, with new policy changes, cybersecurity challenges, EHR optimization advancements, innovations in patient care and, yes, a whole lot of AI.

The agency seeks to make its first HIPAA Security Rule update since 2013 to clarify what health plans, healthcare clearinghouses, providers and their business associates must do to protect the security of electronic protected health information.

Chike Okeke, chief information security officer of data exchange company Concord, offers his perspective on the safe and secure transfer of protected health information.

A cyberattack on May 8 against healthcare giant Ascension resulted in the medical data of 5.6 million customers being exposed, according to a filing with the Maine attorney general’s office published on December 20. WHY IT MATTERS In June, the health system determined that an attacker gained access to its systems after an employee at one of its facilities inadvertently downloaded a malicious file, believing it to be legitimate. The organization stated there was no indication that the incident was anything other than an honest mistake. Months of investigation with third-party experts also led to Ascension determining sensitive data belonging to current and former patients, senior living residents, and employees was potentially exposed. A December 19 announcement from Ascension noted the compromised information varies by individual and may include medical details such as medical record numbers, dates of service, lab test types and procedure codes. Payment information, including credit card or bank account numbers, insurance details ranging from Medicaid and Medicare IDs to policy numbers and claims, government identification, including Social Security numbers, tax IDs, driver’s licenses or passports, and personal information such as addresses and dates of birth were potentially involved. Ascension also confirmed its electronic health records and other core clinical systems, where full patient records are securely stored, were not accessed during the attack. THE LARGER TREND Among the other major healthcare breaches in 2024 include a cyberattack against Change Healthcare in February, which impacted 100 million people – the largest breach ever reported to federal regulators. In April, Kaiser Permanente reported that 13.4 million people were affected by a data breach that exposed patient and plan members' information. Meanwhile, legislation is being proposed to bolster healthcare cybersecurity defense in the form of the Health Care Cybersecurity and Resiliency Act. The bipartisan bill, introduced in November, would offer grants to healthcare organizations to help them shore up their ability to prevent and respond to cyberattacks. Meanwhile, governance remains a concerning weak point in healthcare, even as cyberattacks are becoming more prominent and the risks of IoT medical devices are coming into sharper focus. ON THE RECORD Tim Rawlins, senior adviser and director for security at cybersecurity consultancy NCC Group, noted healthcare will always be an attractive target, given the sheer quantity of sensitive data organizations hold and the need to make information available to the medical staff as quickly as possible. "Basic cyber security measures, individual log ins, multi-factor authentication, and patched, secure and monitored systems will go a long way to preventing these attacks," he said. Nathan Eddy is a healthcare and technology freelancer based in Berlin. Email the writer: nathaneddy@gmail.com Twitter: @dropdeaded209    

Will Cantrell, director of product solutions at InteliChart, suggests these processes are in need of modernization, and explains how integrating communication platforms with EHR systems can enhance workflow and reduce compliance risks.

The agency plans to roll out federal electronic health record systems at four Michigan facilities in mid-2026. Pre-deployment activities will kick off in the coming weeks.

Advanced approaches will improve health systems' bottom lines while enabling a "more patient-centered and provider-friendly healthcare ecosystem," says one consultant who specializes in data management.