Topics
Reimbursement
Hospitals sue HHS over disproportionate share hospital payment
Hospitals sue HHS over DSH hospital payments
Revenue Cycle Management
RCM accelerates cash and secures financial health 
RCM accelerates cash and secures financial health 
Strategic Planning
Walgreens considering selling all of its VillageMD business
Walgreens considering selling all of its VillageMD business
Capital Finance
Risant Health to invest $1 billion in Cone Health
Risant Health to invest $1 billion in Cone Health
Supply Chain
FDA tells providers to prepare for supply chain disruptions
FDA to providers: Prepare for supply chain disruptions
Accounting & Financial Management
Humana logs $679 million in Q2 profit
Humana logs $679 million in Q2 profit
Budgeting
Insurers likely to pay $1.1 billion in rebates this fall
Insurers likely to pay $1.1 billion in rebates this fall
Quality and Safety
HIMSSCast: Investors are helping to drive climate change initiatives
HIMSSCast: Investors are helping to drive climate change initiatives
Billing and Collections
CMS reports over 12,000 No Surprises Act violations 
CMS reports over 12,000 No Surprises Act violations 
Claims Processing
Johns Hopkins Health Plans announces multi-payer portal
Johns Hopkins Health Plans announces multi-payer portal
Workforce
Feds grant $100 million to grow healthcare workforce
Feds grant $100M to grow healthcare workforce
Operations
Dana-Farber CEO and president to step down
Dana-Farber CEO and president to step down
Medical Devices
Healthcare chatbots may promote racist misinformation
Healthcare chatbots may promote racist misinformation
Hospital/physician relations
Hospitals, physicians submit opposing views to FTC ruling on noncompetes
Hospitals, physicians submit opposing views to FTC ruling
Construction & Facilities Management
Christus Health to see $25 million expansion at Texas hospital
Christus to see $25M expansion at Texas hospital
Compliance & Legal
CVS' Oak Street Health paying $60M over alleged Medicare Advantage kickbacks
CVS' Oak Street paying $60M over alleged MA kickbacks
Policy and Legislation
Inpatient rehab facilities get 3% payment increase
Inpatient rehabs get 3% payment increase
Community Benefit
Nonprofit hospitals' charity care falling behind tax breaks, report shows
Report: Hospitals' charity care falling behind tax breaks
Accountable Care
ACO REACH changes more negative than positive, says participant
ACO REACH changes not positive, says participant
Acute Care
AHA: Hospitals improve patient safety measures above pre-pandemic levels
AHA: Hospitals improve patient safety measures
Ambulatory Care
Walmart announces closing of clinics and virtual care
Walmart is closing clinics and virtual care
Analytics
Interoperability in healthcare moving forward despite challenges
Interoperability in healthcare moving forward despite challenges
Business Intelligence
Cigna launching E-Treatment virtual care through MDLIVE
Cigna launching virtual care through MDLIVE
ICD-10 & Coding
Physician practices examine risk adjustment coding in wake of federal lawsuits
Practices keeping close watch on risk adjustment coding
Meaningful Use
Financial disincentives for providers who commit information blocking 
Financial disincentives for providers who commit information blocking 
Medicare & Medicaid
Insurers will make $11.8 billion in Medicare Advantage quality bonus payments
Insurers to make $11.8B in MA quality bonus payments
Patient Engagement
Patients see narrow networks in ACA marketplace plans, KFF finds
KFF: Patients see narrow networks in ACA marketplace plans
Pharmacy
Express Scripts sues Federal Trade Commission over PBM report
Express Scripts sues Federal Trade Commission over PBM report
Population Health
Many women skip care due to access issues, survey shows
Survey: Many women skip care due to access issues
Risk Management
UPMC for You partners to offer Medicaid redetermination coverage in laundromats
UPMC for You offers Medicaid redetermination coverage in laundromats
Telehealth
Patients less likely to seek virtual behavioral care when paying out-of-pocket
Patients who pay cost-sharing less likely to seek virtual care
Mergers & Acquisitions
CHS to acquire 10 urgent care centers in Arizona
CHS to acquire 10 urgent care centers in Arizona
View more
Dec 05, 2022 More on Medical Devices

Medical devices are inherently vulnerable to security breaches

Best practices include adopting a zero-trust approach, which means no notion of implied trust, says Anand Oswal of Palo Alto Networks.

Susan Morse, Executive Editor

Anand Oswal, senior vice president and general manager, Palo Alto Networks, spoke at the HIMSS Healthcare Cybersecurity Forum in Boston.

Photo: Susan Morse

BOSTON – Medical devices are inherently vulnerable to security breaches, according to Anand Oswal, senior vice president and general manager of Palo Alto Networks, speaking at the HIMSS Healthcare Cybersecurity Forum here on Monday.

A major reason they're vulnerable is that they're connected in a way that's not always seen, Oswal said.

"You can only secure what you can see," he said. 

These unseen vulnerabilities create risk, with the threats outpacing the ability to stop them. Cyberattacks have increased tremendously. Between 2020 and 2021, there was a 200% increase in cyberattacks in healthcare organizations, he said.

Medical devices may also be old technology. An estimated 83% of imaging systems are running at the end-of-life stage; 75% of infusion pumps have unpatched vulnerabilities; and 72% of healthcare organizations have a mix of IT and medical devices within the same network.

These factors, combined with legacy security architectures, hinder compliance, Oswal said.

Medical devices must be proactively managed for compliance. Simplify compliance by knowing how and when critical medication devices are being used, Oswal said. Simplify operations by limiting the number of point solutions, invest in existing security talent and infrastructure, automate workflows, and onboard new devices and retire old ones. 

Great things are happening with connective devices, from an enhanced patient experience to improved patient outcomes, increased efficiency and reduced costs, Oswal said. There's also a lot of good data from these connected devices, such as smart pumps measuring and ensuring drug dosages that result in a better outcome for the patient.

But connections create vulnerabilities.

Best practices include adopting a zero-trust approach. This phrase is often used but also misunderstood. 

A zero-trust approach, Oswal said, "means there can be no notion of implied trust." 

Twitter: @SusanJMorse
Email the writer: SMorse@himss.org

News
Healthcare organizations ask HHS to delay quality measure reporting for ACOs Healthcare organizations ask HHS to delay quality measure reporting for ACOs The American Hospital Association and American Medical Association are among the 11 organizations signing the letter.