Editor's Note On Friday, June 24, the American Hospital Association (AHA) voiced support for the Protecting and Transforming Cyber Health Care Act (PATCH Act)—legislation that would “require medical device manufacturers to meet certain cybersecurity requirements when seeking approval for devices that are internet connected or include software” in order to…

Read More

Editor's Note According to an “electronic health information” release by the US Government Accountability Office (GAO), titled “HHS Needs to Improve Communications for Breach Reporting” and published on May 27, the Department of Health and Human Services (HHS) has seen an increase in reported breaches of health information since 2015,…

Read More

May 2022 brought business leaders and operations managers back together in person for the OR Business Management Conference. This year marked its 10th anniversary, and the intimate event highlighted several facets of the behemoth issue that is staffing. Several sessions touched on the topic, including: • “Organize the chaos and…

Read More

Editor's Note On June 16, the US Department of Health and Human Services (HSS) Health Sector Cybersecurity Coordination Center published a guidance, titled “Strengthening Cyber Posture in the Health Sector, to help health systems and other healthcare organizations “improve their overall strength, protocols, and prevention abilities for cyberattacks,” Becker’s Health…

Read More

Editor's Note According to a report from cybersecurity firm Sophos, titled “The State of Ransomware in Healthcare 2022” and published in May 2022, ransomware attacks on healthcare organizations have increased by 94% “year over year” globally, Becker’s Health IT June 6 reports. The report includes findings from an “independent, vendor-agnostic…

Read More

Editor's Note Juuso Leinonen, principal project engineer at ECRI, an independent nonprofit healthcare research organization, captured OR Business Management Conference attendees with this message: cybersecurity is a patient safety issue. Each year, ECRI produces a list of 10 health technology hazards, and in 2022, cybersecurity attacks topped the list. During…

Read More

Editor's Note According to a new report, titled “The State of Security 2022” from Software company Splunk, mass resignations and gaps in staffing may be contributing to cybersecurity companies’ inability to defend against certain cyberattacks, Becker’s Health IT April 25 reports. The report surveyed more than 1,000 cybersecurity leaders across…

Read More

Hospitals and health systems know they are attractive targets for cybercriminals. When lives are at stake, and the victims are often insured, ransomware gangs can expect a quick and easy payout. But since the Russian invasion of Ukraine on February 24, hospitals have had to face a new reality: The…

Read More

Editor's Note In an HC3: Analyst Note alert released on April 18, the Department of Health and Human Services (HHS) issued a cybersecurity threat warning for a new ransomware group named Hive that HHS called “exceptionally aggressive” and “financially motivated,” Becker’s Health IT April 20 reports. According to the alert,…

Read More

Editor's Note On March 15, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) recommended all organizations take action to “enable, enforce, and properly configure” their multifactor authentication (MFA) protocols, the American Hospital Association (AHA) March 16 reports. Russian state-sponsored actors are reportedly exploiting known vulnerabilities in MFA protocols, including…

Read More