Privacy & Security

hands on keyboard
Cybersecurity In Focus
Where rural hospitals can find cybersecurity threat intelligence
By Andrea Fox | 11:53 am | April 23, 2025
Securing a patchwork of IT systems can be a tall order for small facilities, but collaboration and info sharing is helpful, says one chief security officer.
Karly Rowe, Inovalon_Las Vegas skyline Photo by halbergman/E+/Getty Images
Provider-vendor relationships are being reshaped by high-profile cyberattacks
By HIMSS TV | 05:56 pm | April 21, 2025
After the Change Healthcare breach, healthcare organizations are diversifying their buying strategies and asking about vendors' cybersecurity policies, says Karly Rowe, interim president of Inovalon's provider business unit.  
Cybersecurity lock icon
CISA offers risk mitigation guidance after reports of Oracle Cloud breach
By Mike Miliard | 11:16 am | April 21, 2025
"While the scope and impact remains unconfirmed, the nature of the reported activity presents potential risk to organizations and individuals," according to the cybersecurity agency.
Stack of $100 U.S. dollars on loose bills
CISA extends CVE program contract for 11 months
By Andrea Fox | 03:29 pm | April 16, 2025
The initial expiration of MITRE's contract for the Common Vulnerabilities and Exposures program was a shock to many cybersecurity experts. But the Cybersecurity and Infrastructure Security Agency quickly pledged that there would be no lapse in service.
Lee Kim, HIMSS_Las Vegas skyline Photo by halbergman/E+/Getty Images
Past year's data breaches often stemmed from remediable cybersecurity gaps
By HIMSS TV | 10:49 am | April 16, 2025
Healthcare security incidents in 2024 highlighted third-party vendor risk and the need to prepare business continuity plans and tabletop exercises in case of attack, says Lee Kim, senior principal of cybersecurity and privacy at HIMSS.
Doctor checking and tracking information on a computer
HHS updates regulatory guides for the safe use of EHRs
By Andrea Fox | 11:55 am | April 15, 2025
ASTP has released the 2025 SAFER Guides, which aim to improve health systems' adherence to electronic health record best practices. They were updated by clinicians with informatics training and informaticians with clinical experience.
Garrett Weber, Akamai Technologies_Data security illustration by KrulUA/iStock/Getty Images Plus
Tougher HIPAA compliance positions risk reductions
By HIMSS TV | 11:27 am | April 10, 2025
Garrett Weber, Akamai Technologies field CTO for enterprise security, explains how the new HIPAA security rule requires healthcare organizations to use specific technical controls, but it can also help to better position third-party risk management.
HHS building in Washington, DC
HHS employees fear IT staff reductions could destabilize agency
By Andrea Fox | 12:05 pm | April 09, 2025
The mass layoffs have severely undercut essential IT, policy and contracting functions, and sources say they fear critical expertise has been lost. The government could hire contractors to fill the gaps, putting ousted employees in an ethical bind.
A nurse checking a patient's record on a digital tablet
Ex-NUH staff fined for unauthorised access of patient record
By Adam Ang | 11:26 pm | April 08, 2025
The former senior patient service associate pled guilty to the charge.
Worker using tablet
Close Your Hospital’s OT Network Cybersecurity Gap
By Close Your Hospital’s OT Network Cybersecurity Gap | 04:23 pm | April 08, 2025
Mitigating and responding to cyberattacks can cost hospitals and health systems millions of dollars per incident. To prevent these attacks, most healthcare organizations have taken steps to safeguard their information technology (IT) network containing patient data and financial records. However, many may not realize that their operational technology (OT) network comprising staff card access, HVAC and other systems may be vulnerable as well.