Monthly Healthcare News Roundup: The Cost of Insider Security Breaches, CTA’s New Healthcare AI Standard, and More

Monthly Healthcare News Roundup: The Cost of Insider Security Breaches, The Consumer Technology Association’s New Healthcare AI Standard, and More

Every month, we compile the most compelling healthcare privacy and security related news stories. Below, you’ll learn about the cost of insider security breaches, the Consumer Technology Association’s new healthcare AI standard, and more.

Insider breach remediation costs health, pharma $10.81M annually

The Cost of Insider Threats 2020 Global Report revealed that incidents caused by negligent or malicious insiders can cost companies millions. And, on average, health and pharmaceutical organizations spend $10.81 million every year to remediate threats from the inside.

The study surveyed 964 IT and IT security practitioners worldwide – and the results are staggering. In the past two years alone, there has been a 31% increase in the cost of insider threats, from $8.76 million in 2018 to $11.45 million in 2020. Additionally, the number of security incidents rose by 47% within the same time period. For more information on the cost of insider threats in healthcare, read the full Health IT Security article.

Consumer Technology Association develops healthcare AI standard

In February, the Consumer Technology Association (CTA) announced what they claim as the first standard accredited by the American National Standards Institute (ANSI) for the use of AI in healthcare. The standard, which was developed with input from roughly 50 tech companies, was created to define and characterize the use of AI in healthcare, as well as to establish a foundation for implementing clinical solutions built on AI.

“AI will play a major role in driving efficiency in healthcare and will support clinicians in making more precise diagnoses, offer personalized treatment and better guidance towards improved outcomes,” said Pat Baird, Regulatory Head of Global Software Standards at Philips. “This implies that AI will be used for decision support and decision making, which stresses the need for professionals to be able to take ownership, apply judgment and empathy. Transparency and a common language will be key to enable the proper and safe functioning of AI.”

Why cybersecurity deserves more attention from hospitals

As often as healthcare cybersecurity incidents are associated with phishing emails, health IT and cybersecurity attacks come in the form of ransomware and insider threats far more frequently – and there’s no sign this trend will slow down.

Despite health systems’ trust in employees to safeguard patient data, data breaches from insider incidents like negligence, VIP record access, and other insider threats have been on the rise. And  cyberattacks against critical equipment like medical devices – and even breaches themselves – can cost lives. What can healthcare systems do to mitigate threats like these? Read the full article from Becker’s Hospital Review to find out more.

The hospital data breach playbook — What to do before, during, and after

As healthcare data breaches continue to rise, cybersecurity is emerging as one of the most critical issues the industry faces. And with the increase in cyberattacks against health systems, Becker’s Hospital Review joined with Ensemble Health Partners to discuss approaches to data breach prevention and management, which include:

  • Before: Get one step ahead
  • During: Avoid knee-jerk reactions
  • After: Monitor, assess, and act
  • After part II: Reporting deadlines, details
  • After part III: Cooperate with the media, but don’t disclose PHI
  • After part IV: The use of business associate agreements

For more details on precautions to take to avoid costly and harmful data breaches, read the full Becker’s Hospital Review article.

AI success depends on good datasets, strategic alignment

From clinical to business uses, AI carries with it the potential to revolutionize the healthcare industry. But, for providers, rushing into adopting AI solutions may not be the best approach, according to Optum Senior Vice President of Analytics Tushar Mehrotra.

“The only way you are going to get value out of AI is to link the clinical or business problem to the organization’s overall strategy and make sure you have a rich enough data set to train the model so it generates actionable insights.” – Tushar Mehrotra, Senior Vice President of Analytics at Optum

In this Healthcare IT News article, Mehrotra discusses how vital it is to provide artificial intelligence and machine learning systems with quality information, along with how healthcare providers can leverage these technologies to transform their organizations and create medical breakthroughs that will resonate for years to come.

The low hanging fruit of HIPAA enforcement: OCR deputy director discusses

At the HHS Office for Civil Rights (OCR), Deputy Director of Health Information Privacy Timothy Noonan works consistently to ensure HIPAA and other healthcare privacy regulations are comprehensive enough to safeguard patient privacy. In this article, Becker’s Hospital Review sits down with Noonan to discuss the prospect of overhauling HIPAA to reflect technological innovation, correct patterns of noncompliance in the healthcare sector, and misconceptions about the privacy regulation.

“We are currently working on proposed modifications to the HIPAA Privacy Rule that we believe will improve information sharing and coordinated, value-based healthcare, while also reducing regulatory burdens.” – Timothy Noonan, Deputy Director of Health Information Privacy at the Office of Civil Rights