Skip to main content

Privacy & Security

The U.S. Capitol, Washington, D.C.
By Mike Miliard | 12:04 pm | November 27, 2024
The Health Care Cybersecurity and Resiliency Act of 2024 would provide grants to help healthcare organizations strengthen prevention and response - and push for better coordination between HHS and CISA.
HHS building
By Andrea Fox | 11:46 am | November 27, 2024
The Office of Civil Rights could have initiated follow-up after discovering security flaws, but "rarely initiated these reviews when it identified serious compliance issues," according to the HHS inspector general's audit program review.
Anahi Santiago at ChristianaCare_Healthcare Cybersecurity Forum 2024
By HIMSS TV | 10:21 am | November 27, 2024
Anahi Santiago, chief information security officer at ChristianaCare, says the architecture to develop security programs is shifting as providers manage a larger number of partners in the supply chain and in hospital at home programs.
Agency cybersecurity infosec illustrated by many colored streams harnessed by a lock
By Andrea Fox | 11:47 am | November 20, 2024
In its FISMA review for FY 2024, the watchdog agency said that the U.S. Health and Human Services was unable to meet managed and measurable maturity for core metrics.
Dr. Benoit Desjardins of the University of Montreal
By HIMSS TV | 10:52 am | November 20, 2024
Dr. Benoit Desjardins, professor at the University of Montreal, explains that attacks haven't changed. The interconnectedness of hospitals with each other and third parties means that, when one is impacted, the entire health system can be affected.
Healthcare CIO with other healthcare executives
By Nathan Eddy | 11:57 am | November 19, 2024
The typical chief information officer in healthcare is taking on more responsibility for determining strategy and digital transformation, with 84% of CIOs now part of their organization's executive leadership team. That's just one stat from a recent WittKieffer survey of CIOs and chief digital officers that also found the majority (54%) are reporting directly to the CEO. The report also found some shifts in IT titles. While traditional CIO titles remain common, with 71% retaining this designation, one in five now hold the title of chief digital and information officer, indicating a shift toward emphasizing digital transformation responsibilities. Two-thirds of these CDIOs were appointed within the last three years, indicating a recent trend toward integrating digital functions at a high level. A highly prized role Nick Giannas, senior partner with WittKieffer, said there are few C-suite leaders as pivotal to an organization's future as the CIO. "Healthcare organizations greatly value the role, partnership, and impact of their CIO at all levels," he said. "They seek their advice and guidance as they prioritize digital and AI initiatives to enable efficiency, improve the patient and provider experience and care outcomes overall." Current IT priorities include preparing for AI and machine learning adoption, anticipated by 92% of CIOs by 2025. The immediate focus, however, appears to be on foundational efforts, with 47% prioritizing advancing security programs. Forty percent of respondents said they were committed to major system implementations, such as electronic health records and enterprise resource planning systems. Abu Mirza, global SVP of digital products and engineering for GE HealthCare, said health systems increasingly prioritize the adoption of AI and cloud-enabled technologies, particularly those helping with scalability and cost-efficiency. "It's a trend that we'll continue to see in 2025, especially as we see such technologies drive measurable benefits when it comes to the enhancement of patient care and improved operational efficiencies," he said. Job satisfaction, high turnover Despite a high turnover rate – 53% of CIOs have assumed their roles within the last three years – job satisfaction is high, with 78% describing themselves as "extremely" or "very" satisfied. Brian Ackley, chief technology officer at UpScriptHealth, said organizations need to think holistically about their technology staff or they will suffer from high turnover rates. "Currently there is high turnover because skilled resources have many options available to them," he explained. "Generally if a CIO is happy at their current company, feels respected, appreciated, reasonably well compensated, and believes there is an excellent career track, there is no reason to seek employment elsewhere." He added fundraising for healthcare IT companies has been challenging in recent years and many have been companies unable to raise another round of capital, which makes alternatives intriguing for technology resources. "Technology leaders are in very high demand and compensation has been escalating," he said.  Matching expected CIO compensation The survey results suggested compensation trends parallel this rise in authority, as nearly half (47%) of CIOs appointed in the past three years earn over $500,000 annually. WittKieffer consultant Zachary Durst said it's important to emphasize compensation is dependent on organization size and scope, geography and other factors. The report points out that salaries are increasing across the board, especially for those executives who move to a new employer – a quarter of CIOs who changed jobs increased their income by more than 20%. "This implies that organizations may need to reevaluate annual salary adjustments to retain existing IT leaders in an increasingly competitive market," Durst said. He added it's important for the organization to know what market expectations are for CIOs and other key IT team members so they can adjust accordingly rather than lose key personnel. CIOs plan for expanded IT workforce More than two-thirds (68%) of CIOs surveyed said they plan to maintain or expand their IT teams, with a strong commitment to internal talent, as 87% of organizations said they plan to outsource less than a quarter of their IT functions. Talent development remains a top priority, although challenges in enhancing team performance (59%) and creating development opportunities (53%) indicated the need for focused skill-building initiatives. Dr. Harvey Castro, a physician and healthcare consultant, said upskilling programs are a key part of the effort to retain and bolster internal talent. "Continuous learning opportunities in areas like AI/ML, cloud technologies, and cybersecurity keep IT staff competitive and prepared for the demands of healthcare technology," he said. This commitment to skill development should be accompanied by efforts to build a collaborative culture, where interdisciplinary teams merge IT and clinical expertise to drive impactful solutions. To retain top talent, many organizations are also establishing structured career pathways. "Clear growth opportunities within the organization give employees a reason to stay and develop their careers internally," Castro explained. Flexible work models, career development In addition, flexible work models, including hybrid and remote options, have become essential offerings, especially as healthcare IT adapts to post-pandemic expectations. Beyond proficiency in AI/ML and data analytics, a strong understanding of cybersecurity frameworks is critical to protect sensitive healthcare data. "Cybersecurity is a top priority given the importance of protecting patient information," Castro said. Hillary Ross, managing partner, information technology practice leader for WittKieffer, recommended healthcare organizations cast a wider net for talent into other industries, especially for individuals who may be interested in working in a mission-driven industry like healthcare. "Create individualized development plans that map out how an individual can grow and advance within the organization and in their careers," she said. Nathan Eddy is a healthcare and technology freelancer based in Berlin. Email the writer: nathaneddy@gmail.com Twitter: @dropdeaded209
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
By HIMSS TV | 11:28 am | November 19, 2024
George Pappas, healthcare cybersecurity expert and CEO of Intraprise Health, says HIPAA is just a baseline for new state regulations that include incident reporting within 72 hours.
George Pappas of Intraprise Health on cybersecurity
Cybersecurity In Focus
By Bill Siwicki | 10:58 am | November 18, 2024
A cybersecurity CEO offers advice on tactics healthcare CISOs and CIOs should use to protect sensitive telehealth data, and how providers can adopt a proactive security stance specific to virtual care.
Lee Kim at HIMSS_Global Health Equity Week 2024
By HIMSS TV | 05:04 pm | November 15, 2024
For Global Health Equity Week, HIMSS senior principal of cybersecurity and privacy Lee Kim describes some of the ways how privacy and security intersect with health access and patient engagement – and how artificial intelligence can help.
U.S. Department of Homeland Security seal
By Mike Miliard | 10:56 am | November 15, 2024
The U.S. Department of Homeland Security sees three areas of concern as artificial intelligence is used across critical infrastructure sectors: attacks using AI, attacks targeting AI systems and design, and implementation failures.