By Zac Amos – Cyberattacks on medical devices pose uniquely dangerous threats, facilitating data loss, enabling malfunction and risking lives. However, a software bill of materials is an important requirement that reduces these issues.
Read More
By Lance Reid – Cybersecurity in healthcare isn’t just about compliance anymore, it’s about resilience. As threats become more sophisticated and regulators tighten expectations, healthcare organizations are facing growing urgency to find weaknesses before someone else does.
By Erik Eisen – Why Healthcare Practices Can’t Afford to Treat Cybersecurity Like a To-Do List. I’ve heard the fear and anxiety in the wake of a cybersecurity incident, “I wasn’t scared when it happened. I was scared when I realized how long we’d ignored it.” That’s the problem. “Cybersecurity” has become white noise.
By Dr. Scott Schell – As cyber threats become increasingly sophisticated, proposed updates to federal healthcare cybersecurity standards have reignited debate across the industry. Introduced in December 2024, these regulations represent the first significant update to the HIPAA Security Rule, aiming to address the advent of AI, quantum computing, and virtual reality.
By Usman Choudhary – In 2025, as AI continues to evolve, the cost of breaches skyrockets, and regulatory scrutiny tightens, healthcare organizations must go beyond technical defenses and prioritize comprehensive security awareness training.
By Lance Reid – Who doesn’t love a plan? Leaders love plans to set a positive course for their businesses. I love plans, too. Sales plans. Cybersecurity plans. Employee development plans. Business continuity plans. Plans help executives and team leaders get on the same page and move forward in a common, predetermined direction.
By Stephanie Fraser – At HIMSS25, President and CEO Hal Wolf addressed a packed room of press attendees in Las Vegas, emphasizing record-breaking attendance and the industry’s growing focus on AI integration, cybersecurity, and scenario planning as healthcare leaders navigate regulatory uncertainty.
By Lance Reid – Phishing attempts can happen at any time and to anyone within an organization. As threat vectors continue to multiply and AI becomes more powerful, attempts to extract information in order to instigate a hack or ransomware attack will only increase.
By Matt Fisher – Prior to the changeover of the administration, the HHS Office for Civil Rights went on a bit of a HIPAA settlement bender. The fast pace of announced settlements felt a bit like a clearing of the decks. The various settlements continued recent trends around the issues being selected by OCR for settlement along with the still random amount of settlements.