Healthcare leader and emergency physician Dr. Sean Kelly shares his perspective on the national push to eliminate friction and build a more connected, patient-first healthcare system.

The National Institute of Standards and Technology (NIST) has released a request for information for the NIST Privacy Framework: An Enterprise Risk Management Tool ("Privacy Framework").1 The purpose of the privacy framework is to improve management of privacy risk, which is a major gap across healthcare organizations today.

For revenue-cycle leaders, securing patient portals isn’t just an IT issue. It’s a business and trust imperative. A compromised portal means disrupted billing, scheduling, and collections, as well as reduced patient confidence.

Growing cybersecurity threats in healthcare

Digital patient portals like Epic MyChart have become central to modern health-system operations. Patients expect real-time access to records, bills, appointments, and messaging with providers, yet this same convenience can open a door to bad actors.

The shifting cybersecurity landscape

The cybersecurity landscape is changing quickly, but not necessarily in ways that make defenders’ jobs easier. On one hand, the Cybersecurity Information Sharing Act (CISA) of 2015 is approaching its September 30 expiration date, threatening to undercut the collaborative intelligence-sharing that has served as a critical early-warning system for the past decade.