Privacy & Security

Karly Rowe, Inovalon_Las Vegas skyline Photo by halbergman/E+/Getty Images

Provider-vendor relationships are being reshaped by high-profile cyberattacks

By HIMSS TV | 05:56 pm | April 21, 2025

After the Change Healthcare breach, healthcare organizations are diversifying their buying strategies and asking about vendors' cybersecurity policies, says Karly Rowe, interim president of Inovalon's provider business unit.

CISA offers risk mitigation guidance after reports of Oracle Cloud breach

By Mike Miliard | 11:16 am | April 21, 2025

"While the scope and impact remains unconfirmed, the nature of the reported activity presents potential risk to organizations and individuals," according to the cybersecurity agency.

Stack of $100 U.S. dollars on loose bills

CISA extends CVE program contract for 11 months

By Andrea Fox | 03:29 pm | April 16, 2025

The initial expiration of MITRE's contract for the Common Vulnerabilities and Exposures program was a shock to many cybersecurity experts. But the Cybersecurity and Infrastructure Security Agency quickly pledged that there would be no lapse in service.

Lee Kim, HIMSS_Las Vegas skyline Photo by halbergman/E+/Getty Images

Past year's data breaches often stemmed from remediable cybersecurity gaps

By HIMSS TV | 10:49 am | April 16, 2025

Healthcare security incidents in 2024 highlighted third-party vendor risk and the need to prepare business continuity plans and tabletop exercises in case of attack, says Lee Kim, senior principal of cybersecurity and privacy at HIMSS.

Doctor checking and tracking information on a computer

HHS updates regulatory guides for the safe use of EHRs

By Andrea Fox | 11:55 am | April 15, 2025

ASTP has released the 2025 SAFER Guides, which aim to improve health systems' adherence to electronic health record best practices. They were updated by clinicians with informatics training and informaticians with clinical experience.

Garrett Weber, Akamai Technologies_Data security illustration by KrulUA/iStock/Getty Images Plus

Tougher HIPAA compliance positions risk reductions

By HIMSS TV | 11:27 am | April 10, 2025

Garrett Weber, Akamai Technologies field CTO for enterprise security, explains how the new HIPAA security rule requires healthcare organizations to use specific technical controls, but it can also help to better position third-party risk management.

HHS employees fear IT staff reductions could destabilize agency

By Andrea Fox | 12:05 pm | April 09, 2025

The mass layoffs have severely undercut essential IT, policy and contracting functions, and sources say they fear critical expertise has been lost. The government could hire contractors to fill the gaps, putting ousted employees in an ethical bind.

A nurse checking a patient's record on a digital tablet

Ex-NUH staff fined for unauthorised access of patient record

By Adam Ang | 11:26 pm | April 08, 2025

The former senior patient service associate pled guilty to the charge.

Close Your Hospital’s OT Network Cybersecurity Gap

By Close Your Hospital’s OT Network Cybersecurity Gap | 04:23 pm | April 08, 2025

Mitigating and responding to cyberattacks can cost hospitals and health systems millions of dollars per incident. To prevent these attacks, most healthcare organizations have taken steps to safeguard their information technology (IT) network containing patient data and financial records. However, many may not realize that their operational technology (OT) network comprising staff card access, HVAC and other systems may be vulnerable as well.

Ben Wolf, partner in Alston & Bird’s Health Care Group

Q&A: What FDA layoffs mean for medtech approvals

By Jessica Hagen | 02:53 pm | April 08, 2025

Ben Wolf, partner in Alston & Bird's Health Care Group, told MobiHealthNews how FDA staffing cuts could slow device approvals and what companies can do to stay ahead.

AI Leadership Strategy Summit