Privacy & Security

Imposing fines or cutting Medicare payments, in the AHA's view, would diminish resources needed to combat cybercrime.

When risks of digital disruptions are high, healthcare leaders must build business continuity plans that include holistic data management and security, says Tony Black, global director of healthcare, privacy and digital transformation at Kyndryl.  

Wagner Amaral, growth markets health industry lead at Avanade, talks about how Avanade’s comprehensive set of solutions with embedded security supports collaboration, boosts efficiency and improves patient outcomes across the healthcare ecosystem.

Meeting the cybersecurity challenges of 2024 requires healthcare organizations to boost their organizational capabilities, which are often below-average compared to other industries, researchers said.

The hospital group calls new revisions to HHS’ pixel tracking guidance "regulatory overreach," and says the update is "unlawful and unwise." Meanwhile, Massachusetts is weighing two class action suits that would allege such tracking violates wiretap laws.

And in other news, CISA directs federal agencies on Microsoft breach by Russian operatives.

Also: CloudWave and FDA extend their threat intelligence partnership to offer an open-source vendor assessment framework.

Most hospitals do not patch medical devices at the same frequency as traditional networks and need compensating security controls to address their unquantified device vulnerabilities, says Richard Staynings, chief security strategist at Cylera.

Senators Hawley and Blumenthal asked UnitedHealth Group how Change Healthcare's systems were breached, why the clearinghouse suffered "such an egregious and unexplained outage" and the extent of data compromised in the ransomware attack.

The agency says threat actors are targeting organizations' IT help desks with phone calls from a local area code claiming to be revenue cycle or administrator employees. After gaining access, they divert legitimate payments.