Editor’s Note Healthcare organizations are hemorrhaging millions to cybercrime and turning to medical staff as unlikely but indispensable defenders in the face of this growing threat. As detailed in a Cyber Security News April 29 article, healthcare remains the most expensive industry for data breaches, with the average cost reaching…

Read More

Editor's Note One cyberattack can unravel years of work and financial stability for a surgical practice. That’s the central warning in an April 9 commentary by Lenworth M. Jacobs Jr., MD, MPH, FACS, professor of surgery at the University of Connecticut and director of the Trauma Institute at Hartford Hospital.…

Read More

Editor's Note Healthcare organizations are improving their ability to respond to cyberattacks but continue to fall short on preventing them—particularly when it comes to managing third-party and asset-related risks. That’s the key takeaway from the 2025 Healthcare Cybersecurity Benchmarking Study conducted by KLAS Research and partner organizations. Surveying 69 healthcare…

Read More

Editor's Note Cybercriminals breached a legacy server at Oracle Health, stealing patient data from multiple hospitals and health systems, according to a March 31 article in Healthcare Executive. The breach, discovered around February 20, occurred before Oracle migrated the affected server from Cerner's system to Oracle Cloud. According to the…

Read More

Editor's Note Misdiagnosis, delayed treatment, and a breakdown of trust in healthcare can all result from time and resource constraints preventing proper engagement with patients—a concern that tops ECRI’s list of the most significant patient safety risks for 2025. As detailed in the global healthcare safety nonprofit’s March 10 announcement,…

Read More

Editor’s Note Backdoors in Chinese-made medical monitors could put patients at risk and compromise hospital networks across the US, according to security agencies quoted in a February 23 report from CNBC. The article cites the popular Contec CMS8000 patient monitor as an example. Both the US Food and Drug Administration…

Read More

Editor's Note In an expansive session at the 2025 OR Business Management Conference, Tampa General Hospital's emergency management team demonstrated how proactive planning, strong partnerships, and real-time decision-making helped navigate multiple crises in 2024, including back-to-back hurricanes and a cyberattack on the state's blood supply. The session was presented by Erinn…

Read More

Editor’s Note Entities covered by the HIPAA security rule may soon need to adapt to more prescriptive requirements, new compliance mandates, and significantly higher costs, according to a January 24 report from TechTarget. As outlined in a December notice of proposed rulemaking (NPRM), the proposal by the Department of Health…

Read More

Editor's Note The first federal overhaul of the HIPAA Security Rule in over a decade aims to address modern cybersecurity threats but has drawn sharp criticism from health systems over its cost and feasibility, according to a January 13 article in Axios. According to the article, the proposed changes require…

Read More

Editor's Note Between 2018 and 2024, ransomware attacks on US healthcare organizations compromised nearly 89 million patient records and resulted in downtime costing an estimated total of $21.9 billion, according to a December 18 report from Comparitech. The report tallies 654 total ransomware incidents during this period targeting hospitals, clinics,…

Read More