Privacy & Security

Questions abound over what applications should be allowed and the speed of change is outstripping policy, says Matt Murren, CEO of True North ITG.  

Healthcare organizations need to invest not only in cyber defense but in preparing for resilience and recovery, says Eric Liederman, CEO of CyberSolutionsMD.  

Companies should keep cybersecurity in mind when designing and architecting  systems in order to protect themselves when a third-party partner is attacked, says Michael Gross, Cleveland Clinic's manager of cybersecurity intelligence.

The rule is a call to action to strengthen cybersecurity protections, says Ferdinand Hamada, managing director of the healthcare, pharma and life sciences sector at MorganFranklin Cyber.  

NIH received backlash after the director announced last week that it would amass private medical records to give to HHS Secretary RFK Jr. 

Swift action was needed after the attack to ensure hospitals got paid and now providers are rethinking their strategy for a more diversified approach, says Karly Rowe, interim president of Inovalon's provider business unit.  

A big risk is from third-party dependence for services, with some organizations not testing continuity plans should a breach happen, says Lee Kim, senior principal of cybersecurity and privacy at HIMSS.

The proposed updates are more specific around required technical controls, challenging security leaders when it comes to implementation, says Garrett Weber, Akamai Technologies field CTO for enterprise security.  

The resulting training would be key to cybersecurity practices because the human factor is the most important, says Tjasa Zajc, special advisor for HIMSS and moderator for the HIMSS25 Global Leaders Exchange panel.  

House subcommittee hearing on cybersecurity protection for legacy medical devices overshadowed by HHS cuts.