Privacy & Security (308)

No matter how big or small a healthcare organization is, a full understanding of its assets is critical to cyberdefense, says Luta Security's Katie Moussouris as she shares insights on national infrastructure security.

Etay Maor, chief security strategist at Cato Networks, says artificial intelligence is useful to the good guys and bad guys alike: "How do we hack in AI systems? And how do we use AI systems to our advantage?"

Before implementing AI tools, Matt Murren, CEO of True North ITG, says leaders must ensure that data flows freely between their EHR and practice management systems, and that they know how the tool will fit into existing procedures.

Eric Liederman, CEO of CyberSolutionsMD, says that since financial institutions have greatly increased their security measures, bad actors now see healthcare organizations as more vulnerable and lucrative targets.

Michael Gross, Cleveland Clinic's manager of cybersecurity intelligence, says healthcare leaders can build stronger cyberdefense strategies by involving each department across their organizations.

The current HIPAA rule lays the groundwork for a new forward-looking approach as the stakes are ever higher, says Ferdinand Hamada, managing director of Healthcare, Pharma & Life Sciences (HPLS) sector at MorganFranklin Cyber.

Karly Rowe, interim president of Inovalon's provider business unit, says that, after the Change Healthcare breach, healthcare organizations are diversifying their buying strategies and asking about vendors' cybersecurity policies.

Lee Kim, senior principal of cybersecurity and privacy at HIMSS, says 2024's healthcare cybersecurity incidents highlighted third-party vendor risk and the need to prepare business continuity plans and tabletop exercises in case of attack.

The new security rule is very specific on required technical controls, but it can also help to better position healthcare organizations to manage their third-party risks, says Garrett Weber, Akamai Technologies field CTO for enterprise security.

Tjasa Zajc, special advisor for HIMSS and moderator for the HIMSS25 Global Leaders Exchange panel, says a digital health literacy maturity model would aid in training and inspiring staff to adopt new tools and cybersecurity practices.

Scott Mattila, COO at Intraprise Health, says 23% of all cyberattacks are against healthcare organizations and warns that AI enables more sophisticated phishing and smishing tactics.

Tom Leary, HIMSS SVP and head of government relations, discusses his department's plans for working within the U.S. and with other countries on AI, cybersecurity, digital health transformation and workforce development.