Data Warehousing

The technology, called Locate Mask, is designed to facilitate compliant data sharing without diminishing its value, according to the vendor – improving innovation and analytics potential.

The Shared Responsibility Matrix aims to streamline the assurance process for privacy and security, helping assign responsibilities and reduce misunderstandings when healthcare organizations work with cloud service providers.

The self-developed platform, powered by Medicomp's Quippe Clinical Data Engine, will officially go live later this spring in the hospital's ED, with an expansion planned later in the year.

The modern cyber threat landscape means health systems can't take any chances on their networks. At HIMSS20, one expert will describe the ethos of "never trust, always verify."

Ransomware, coupled with an expanded attack surface thanks to a proliferation of internet-connected medical devices, are among the top security concerns health players should be concerned about in 2020. Additionally, a troubling new trend of attacking automatic software and firmware update systems, as highlighted in March 2019’s "Shadowhammer" attacks, is another vector for malware that can be hard to protect. These trending risks are particularly important due to the proliferation of new medical technologies and because often with these technologies the stakes are higher. "Ransomware will continue to be the biggest issue as attackers have seen the urgency they can create that can lead to payment," Dr. Saif Abed, CEO of Clinical Cyber Defense Systems, told HealthcareIT News. "Attacks will become more frequent and indiscriminate." He predicted the "zero trust" approach would emerge as a key strategic approach, an IT security model that requires strict identity verification for every person and device trying to access resources on a private network, regardless of whether they are sitting within or outside of the network perimeter. "The reality will be focusing on the basics," he said. "Know what and who are connecting to your network, identify vulnerabilities and have a patching strategy." He noted that while much is made of the security issues surrounding medical devices it’s much bigger than that as far the broadening of the attack surface. "Interoperability coupled with increasing M&A activity in healthcare will be larger driving factors that attackers will exploit," he said. "Unpatched IoT endpoints, whether they’re medical devices or not, will simply contribute to the porosity of networks and the ability to move laterally to maximize harm." He explained most attackers exploit simple vulnerabilities and, unfortunately, these continue be pervasive.. "Health systems are gradually improving with more leadership in the space but far greater investment is needed in people, processes and technology to get most where they need to be," Abed said. Mounir Hahad, head of Juniper Threat Labs at Juniper Network, told HealthCareITNews he believes ransomware would continue to pose a significant risk to many verticals, with healthcare "very near the top" of that target list. "This is because attackers know there are lives at stake in an industry where cybersecurity is not a primary concern for most users--practitioners and staff," Hahad explained. "This makes them an easier target for social engineering attacks and also a wealthy target that cannot withstand long downtimes." KnowBe4 security awareness advocate Erich Kron predicted that until industries can disrupt the income being generated by ransomware, the threat would continue to grow. "The healthcare industry is especially vulnerable due to the need for timely access to medical records for treatment, the amount of sensitive data being collected and the threat of substantial fines for non-compliance and data breaches," he noted. "The attackers know this and use this to their advantage." Kron said the biggest threat to healthcare he sees evolving in 2020 is the threat of exfiltrating and then leaking data when organizations fail to pay the ransom. He explained that in the past, a good backup strategy, offsite copies of data and the ability to quickly restore data have been enough to avoid paying the ransom. "However, with the threat of data being exposed, these steps, no matter how well executed can still end up with disastrous consequences," he said. "Just the fact that they attackers can exfiltrate data and have the keys to decrypt it will be a major concern with respect to HIPAA violations in future events."  Meanwhile, cellular 5G technology will allow a much larger proliferation of IoT medical devices as we enter 2020, and the security implications of this are enormous. "A lot of processing of information will move closer to the edge of networks and will be disaggregated for scale and performance, shining a light on new attack surfaces," Hahad explained. Kron pointed out that as more equipment is introduced to hospital networks, the ability to monitor, patch and secure devices becomes exponentially more difficult. "In addition, the increasing complexity of connected equipment significantly raises the stakes with respect to failures in these areas," he said. "Not only do we need to be concerned about taking a connected pump offline or disrupting monitoring stations, we are also having to concern ourselves with securing immensely more complex systems such as surgical robots." Nathan Eddy is a healthcare and technology freelancer based in Berlin. Email the writer: nathaneddy@gmail.com Twitter: @dropdeaded209

These trends are good news for provider organizations looking to improve care, gain efficiencies and trim costs, an InterSystems vice president predicts.

While cloud vendors offer a basic infrastructure environment, it’s up to the healthcare client to design it and own it, says BIDMC's Manu Tandon.

Healthcare information technology will be the focus of investors in 2020, with interest in the pharmaceutical and biotech sector, home and hospice care and managed care companies also high on the list, according to a KPMG report including survey results from 333 investment professionals. WHY IT MATTERS The study projected the healthcare and life sciences industry would likely continue to be an attractive investment target for the foreseeable future, as national healthcare spending rises to $6 trillion by 2027. Overall, more than three-quarters (76%) of respondents thought the health IT market would grow faster than the overall healthcare and life sciences market. Healthcare analytics, cloud-based EHRs and workflow applications, revenue cycle management software, and telemedicine are among the IT products of greatest interest to investors. The medical technology space, which includes precision medicine, robotics and smart wearables, is expected to continue to grow at a pace of more than 5% per year, with annual sales worldwide expected to reach $800 billion by 2030, according to KPMG. Indeed, robotic surgery is one of the main potential areas of investor focus in 2020, alongside AI-enabled devices, while in the more classic medical device segment, the robotic surgery market is expected to continue to attract M&A interest. As artificial intelligence and robotic process automation are more widely deployed, they will help re-humanize medicine by allowing doctors to focus less on paperwork and administrative functions, and more on patient care. In the area of revenue cycle management, KPMG's report urged investors to look for technologies that facilitate one patient experience continuum from scheduling to treatment to billing. When it comes to home health and hospice care, potential investors are looking for firms that provide a spectrum of services across nonmedical home care that range from activities of daily living and basic home healthcare for the transitional period after a hospital or rehab stay, all the way to home hospice scenarios. THE LARGER TREND Despite the demand for investment in healthcare IT innovators, a study released earlier this week indicates health systems don't always make good use of the technology they already have in place. A Black Book survey of 748 providers organizations found the vast majority of them are failing to meaningfully integrate data analytics into their clinical and operational workflows, despite widespread availability of the technology. ON THE RECORD "We believe we are entering a very exciting time for investment in healthcare and life sciences," the report concluded. "Despite unknowns related to the 2020 election and uncertain industry regulatory challenges, there are significant investment opportunities across the industry." The report predicted these opportunities would continue to gain momentum in 2020 due to multiple factors, including the push towards consumer-centric care delivery and connected medical devices, as well as new models of vertical integration, and consolidation for scale and efficiencies. Nathan Eddy is a healthcare and technology freelancer based in Berlin. Email the writer: nathaneddy@gmail.com Twitter: @dropdeaded209

VPN vulnerabilities, variations of "the Blues" and PACS imaging servers are among the risks the Health Sector Cybersecurity Coordination Center, or HC3, is tracking.

The center will use precision genomics to discover, address and treat genetic diseases, many of which affect infants and children and can cause life-long disability.