Privacy & Security
IT leaders need to take a step back and ensure they are truly prepared to use large language models, says one computer scientist who offers detailed deployment advice.
At the HIMSS 2023 Healthcare Cybersecurity Forum, Dr. Christian Dameff, medical director of cybersecurity for the University of California San Diego, will address bringing all stakeholders to the table to talk about protecting care quality.
The American Telemedicine Association seeks to ensure that expanding telehealth programs are treated like any other healthcare delivery model and meet standards for patient safety, data privacy and information security.
Despite difficulties with in-depth scans and legacy software risks, the director of medical device and IoT security at Henry Ford Health says more responsibility from device manufacturers and new regs from the FDA make him optimistic.
SPONSORED
Romel Khalife, UAE and Kuwait GM at Oracle Health shares his insights about the company's vision, highlighting its role in promoting security, reliability, innovation, and resource planning, all within a single strategic framework.
SPONSORED
The cloud has been pivotal in improving health system efficiency and speeding up innovation over recent years, but its benefits remain enigmatic to those outside of the tech sphere. A new report aims to shed light on this revolutionary technology.
SPONSORED
Learn best practices for protecting health system networks.
SPONSORED
In the realm of healthcare, ensuring cybersecurity is not just the concern of Chief Information Security Officers (CISOs). It involves a strategic approach to protect sensitive information and systems, and this responsibility falls on various individuals within an organisation. Cybersecurity strategies must be tailored to each organisation, accounting for factors such as size, sector, and industry-specific regulations. Regardless of these differences, the challenge remains: organisations are made up of diverse teams with varying expertise, cultures, and priorities.
In the context of healthcare delivery organisations (HDOs), where biomedical practitioners and support staff are integral to daily operations, the connection between cybersecurity and patient safety is critical. However, engaging these individuals in cybersecurity discussions can be complex due to certain barriers:
Lack of understanding or technical background: Biomedical practitioners may have limited knowledge of technology and cybersecurity and may not understand the implications of insecure systems or practices.
Different priorities: Biomedical practitioners’ primary focus is on patient care, while the CISO’s primary focus is on protecting systems and data.
Resistance to change: Biomedical practitioners may be resistant to changes in workflow, especially if they believe that security changes or security measures will slow down their ability to provide care.
Time constraints: Clinical staff often have limited time and may not prioritise cybersecurity training or discussions.
To overcome these challenges, it’s important to take a proactive approach and communicate the benefits of initiatives that security teams are driving. Here are strategies that have proved effective:
Explain the risks: When implementing significant changes, offer clear reasons behind the alterations. Highlight the potential consequences if a change isn’t made. Explain the risks and the reasons why you’re doing what you’re doing, and you’ll build a team of allies.
Emphasise patient safety: Articulate the impact of cybersecurity initiatives on patient safety. Explain how securing systems can improve patient safety by protecting sensitive information and by keeping systems up because they are resilient to cyberattacks. Taking a device offline for maintenance can be a disruptive event for clinical care, but collaborating with clinical staff to educate them on the patient safety impacts of not patching a device can alleviate some of the operational pain associated with device downtime.
Provide training: Offer training sessions to help biomedical staff to understand the importance of cybersecurity, and practical measures to be cyber-safe every day in both professional and personal settings. Regularly educate your staff about cybersecurity topics such as phishing and using strong passwords. Biomedical staff are often exposed to different cyber risks in the care setting than your knowledge workers. Realise the biggest training impact by ensuring you tailor training to be relevant and specific to the audience.
Be available: Create an open communication environment. Make security controls transparent to deter risky behaviours and encourage best practices. Establish a connection with biomedical staff, addressing their queries and understanding their concerns.
Lead by example: Demonstrate the importance of security by following the practices in your own team, and encourage others to do the same with open cyber communications.
By taking these steps, biomedical staff can gain a deeper appreciation for the role of cybersecurity in their field and work together to enhance patient safety, improve the organisation's security infrastructure, and ultimately create a more secure and efficient healthcare environment.
At Claroty, we understand that establishing strong healthcare cybersecurity is no easy task. With the experience of working with many HDOs, the Claroty team brings a wealth of practical knowledge to optimise workflow and speed up the time to value from the engagement. We help teams drive ROI while ensuring the highest quality of care within a secure digital landscape.
Multiple awards for proposals to buttress digital health technology security, improve the fitness of healthcare analytics and strengthen healthcare software development are possible, according to the BAA.



