Privacy & Security

The guide, which encourages secure-by-design software development, is the latest in government efforts to shore up vulnerable organizations. It summarizes cybersecurity best practices and links to free support resources.

As cyberattacks increase in scope and intensity, the Workgroup for Electronic Data Interchange is asking the U.S. Department of Health and Human Services and other federal agencies to do more to help health systems maintain operational continuity.

Also: CommonSpirit reports increased earnings in the year after a major ransomware disruption and widespread data breach.

Hackers may have entered through one of its third-party vendors.

While all facilities are reportedly open and providing care, disruptions continue, with some provider sites unable to fill prescriptions, certain procedures rescheduled and delays in diagnostic imaging and testing.

Results from an annual healthcare cybersecurity survey from HIMSS show why healthcare organizations need adaptable security strategies, perhaps including analog file backups, reports Lee Kim, senior principal of cybersecurity and privacy at HIMSS.

Meanwhile, staff at the health system say they don't have patient orders and can't page doctors. As it works to restore clinical systems, Ascension says it's working with law enforcement and sharing threat intelligence to help prevent similar attacks.

Provider organizations first should do the basics, such as following HIPAA security rule compliance and conducting a security risk analysis, advises Carolyn Metnick, partner and Healthcare and Privacy & Cybersecurity team member at Sheppard Mullin.  

The attack has disrupted clinical operations for one of the largest health systems in the country.

Also: OM1 now offers a platform that translates population patterns for clinical decision-making at the provider level.