The American Hospital Association (AHA) is calling on the Food and Drug Administration (FDA) to develop evaluation standards and measurements to assess the impacts of medical tools that use artificial intelligence.  On Monday, AHA Senior Vice President for Public Policy Analysis and Development Ashley Thompson  responded to a request  from the FDA for an evaluation of AI-enabled medical devices. In the recommendation letter, she said the AHA supports AI policy frameworks that

In today’s digital age, healthcare organizations face increasing challenges in protecting sensitive patient information. The rise of cyber threats, regulatory requirements, and the complexity of healthcare systems make data risk management a critical priority. Effective strategies can help healthcare providers safeguard data, maintain patient trust, and comply with legal standards. Understanding Data Risk Management in Healthcare Data risk management in healthcare involves id

I n today’s healthcare environment, protecting sensitive patient information is more critical than ever. With the rise of digital records and interconnected systems, healthcare providers face increasing risks from cyber threats and data breaches. Ensuring robust patient data protection is essential not only for compliance with regulations but also for maintaining patient trust and delivering quality care. The Importance of Protecting Patient Data in Healthcare Healthcare orga

Regulatory risks are also increasing. AI-enabled monitoring spans national borders, third-party vendors and multiple data processing intermediaries. As global regulations evolve, healthcare organizations must comply with shifting frameworks for data protection, software validation, device certification and cross-border data transfer. The study emphasizes that without clarity, compliance failures could lead to legal, financial and reputational harm.

Across Canada, doctors and nurses are quietly using public artificial-intelligence (AI) tools like ChatGPT, Claude, Copilot and Gemini to write clinical notes, translate discharge summaries or summarize patient data. But even though these services offer speed and convenience, they also pose unseen cyber-risks when sensitive health information is no longer controlled by the hospital.

When hackers target healthcare systems, medical devices can be high-impact casualties. Clinical technology is complex and multifaceted, incorporating online systems with hardware devices. The technology has led to advances in care and diagnostic success, but also increased potential vulnerabilities. When a network is knocked offline, medical devices can also be affected.

Humans are the weakest link in cybersecurity, and the healthcare industry is no exception. Healthcare workers may not think of themselves as part of the cybersecurity team, but they’re often the last line of defense for facilities when cyberattackers take aim, primarily because they’re often making decisions related to access and identity.

Just as the cybersecurity profession has evolved, so have the novelty and sophistication of the threats analysts fight. Years ago, threats were relatively static, so when they hit an organization, chances were the security software the security operations center (SOC) was using had a signature to handle it. As long as you weren’t patient zero—or at least under patient ten—there was a solution at your fingertips. Today, threat actors are a lot more adept at making the payload

Healthcare leaders continue to treat cybersecurity as a technical safeguard instead of a strategic business function, according to the 2025 US Healthcare Cyber Resilience Survey by EY. The study, based on responses from 100 healthcare executives, outlines six areas where hospitals and health systems must act to close resilience gaps that threaten patient care  and operations.

Healthcare organizations' concerns about cyber threats were also mixed with complacency, according to a new survey from Travelers. And one analyst says too few providers are taking action to protect themselves and their patients against cyber risk.

Healthcare organizations may think they’re HIPAA compliant, but a new report from email security company Paubox  shows that many are silently sending protected health information without encryption, many without even knowing it. What healthcare gets wrong about HIPAA and email security , calls out a dangerous disconnect: “Most healthcare organizations have policies and tools that appear to check every HIPAA box. The issue is a disconnect between configuration and verification

I ’ve worked with healthcare organizations long enough to notice a pattern: Many treat HIPAA compliance as a finish line. Once they've checked off a few items, passed an audit or updated a document or two, it gets put on the shelf until something goes wrong. But the reality is different. HIPAA compliance isn’t a one-time task; it’s a moving target, especially as new tech stacks emerge, mobile apps become patient-facing and data is shared through third-party APIs more than eve

When cybercriminals attacked her hospital, a chief nursing officer I recently spoke with had a problem: How do patients call for help when all the technology is down? The solution was decidedly low-tech—cowbells distributed to each room so patients could ring when they needed assistance.

The healthcare sector faces a rapidly increasing range of cybersecurity threats, with ransomware attacks emerging as one of the most significant. A combination of valuable patient data, interconnected medical devices, and small IT/cybersecurity operations staff, which spreads resources thin, can make healthcare organizations prime targets for threat actors. As healthcare operations become increasingly digitized—ranging from electronic health records (EHR) to telemedicine plat

In today’s digital age, protecting sensitive patient information is more critical than ever. Healthcare organizations face increasing threats from cyberattacks, data breaches, and unauthorized access. Ensuring patient data security is not just about compliance; it’s about maintaining trust and safeguarding lives. This article explores effective strategies to enhance patient data security tips that healthcare providers can implement immediately. Essential Patient Data Security

I lead PR and communications at Municorn, where brand trust meets data protection. If customers doubt their health information is safe, there’s no brand to build. I’ve seen how breaches erode trust overnight. For privacy-sensitive apps used in healthcare workflows, the proposed HIPAA Security Rule is not just compliance—it’s a chance to strengthen reputation and confidence.

ClickFix, FileFix, fake CAPTCHA — whatever you call it, attacks where users interact with malicious scripts in their web browser are a fast-growing source of security breaches. ClickFix attacks prompt the user to solve some kind of problem or challenge in the browser — most commonly a CAPTCHA, but also things like fixing an error on a webpage.

Findings from new cybersecurity reports this week highlight the type and impacts of escalating cyberthreats against U.S. healthcare organizations and their business partners. The reports – one from the Health Information Sharing and Analysis Center and two from security research firms the Ponemon Institute and Comparitech – show that cyberattacks continue to directly disrupt patient care and lead to serious clinical consequences. The attacks are becoming more frequent attacks

In today’s healthcare environment, understanding and adhering to regulatory requirements is crucial. The HIPAA (Health Insurance...

In today’s digital age, healthcare organizations face increasing challenges in protecting sensitive patient information. The rise of...